Community discussions

MikroTik App
 
User avatar
Hugh Hartman
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Fri May 28, 2004 2:01 pm
Location: Fort Kent, Maine

Mikrotik and MAC's in bridged configuration.

Fri Aug 20, 2004 6:32 pm

Does a Mikrotik configured as a transparent bridge, bridging the ethernet interfaces and set between the CPE and the switch,,, change the packets to appear as 1 MAC?
 
User avatar
lastguru
Member
Member
Posts: 432
Joined: Fri May 28, 2004 9:04 pm
Location: Certified Trainer/Consultant in Riga, Latvia
Contact:

Fri Aug 20, 2004 7:11 pm

No, it does not change MAC addresses if configured as bridge. Why should it?
 
User avatar
Hugh Hartman
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Fri May 28, 2004 2:01 pm
Location: Fort Kent, Maine

Fri Aug 20, 2004 7:29 pm

I was not sure what took place at the packet level when you use the Bridge firewall feature for MAC filtering and simple ques for bandwidth limiting.

The issue I am faced with is the CPE is multi MAC bridge support, however limited to 8 MAC's according to the manufacturer (tranzeo TR-CPE200-15). I am uncertain if they mean in the wireless side (ie associations) or the ethernet side (connections).

We are current testing/using the CPE wired to a switch and then out to customers (hardwired in an apartment building) and another AP.
 
Bill
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Fri May 28, 2004 4:24 pm
Location: Nevada

Sat Aug 21, 2004 3:42 pm

Usually, for a CPE unit, the limitation on the number of MAC addresses is on the ethernet port. This lets you use just a switch or hub to attach multiple PC's to the CPE. Some manufacturers use this for feature distinction between the consumer and business models of the CPE. Some CPE units only allow one MAC, others are unlimited. You can usually get around such limitations with an inexpensive router, if needed.
 
User avatar
Hugh Hartman
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Fri May 28, 2004 2:01 pm
Location: Fort Kent, Maine

Sat Aug 21, 2004 4:29 pm

thanks for the info--

As you noted the MAC is usually limited to 1 MAC or unlimited, I have not seen a manufacturer limit to a specific number on the ethernet side.

I have seen Cisco do this on the radio association side for the reasons you mention.

I was seeking a way to not make this a seperate network segment by adding a router or changing the MT to route.
 
Bill
Frequent Visitor
Frequent Visitor
Posts: 70
Joined: Fri May 28, 2004 4:24 pm
Location: Nevada

Sun Aug 22, 2004 1:08 pm

I was seeking a way to not make this a seperate network segment by adding a router or changing the MT to route.
Actually, it is better to have the customers location as a separate network segment. Using an inexpensive router at their location accomplishes this. You really don't want all their netbios traffic on your network, or for customers to be able to see each other.

I provide 1 static IP address to the customer location that is fed into a router. It NAT's that IP to their PC's and hands out IP's and DNS info by DHCP. They can add or change PC's as they wish, and it doesn't require any action on my part.

Proxim is one company that does MAC limitation. They use it on their MP.11 product line. The residential units only allow 8 MAC's and are not POE capable. The business units support 65535 MAC's and are POE capable. These units also do DHCP and NAT, so a separate router isn't needed (unless you are attaching more than 8 PC's to a residential unit).
 
User avatar
Hugh Hartman
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Fri May 28, 2004 2:01 pm
Location: Fort Kent, Maine

Sun Aug 22, 2004 2:51 pm

At the customers premise we use a cheap router and they are on a seperate network,,,we provide the router programed with their IP/subnet/gateway/dns entry.

I must be confusing things here--

The section of our network I am talking about is: where we are using a CPE (for a backhaul) <> MT<> switch<> AP.

Tranzeo may very well have limited the ethernet side although they only mention: Multiple MAC Bridge Support in the product description.
 
User avatar
Hugh Hartman
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Fri May 28, 2004 2:01 pm
Location: Fort Kent, Maine

Thu Aug 26, 2004 4:22 pm

With a more testing I am finding that---with no MT behind this CPE,,you are unable to turn off clients via MAC addy in the
bridge interface at the NOC.

The CPE we are using must be adding it's MAC to allow traffic, even when the MAC of the clients is removed from the filter at the NOC.
 
User avatar
bjohns
Member Candidate
Member Candidate
Posts: 271
Joined: Sat May 29, 2004 4:11 am
Location: Sippy Downs, Australia
Contact:

Thu Aug 26, 2004 4:35 pm

FYI Cisco WGB's are limited to 8 MAC entries. All their other wifi devices have unlimited (or some very high number).
 
User avatar
Hugh Hartman
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 92
Joined: Fri May 28, 2004 2:01 pm
Location: Fort Kent, Maine

Thu Aug 26, 2004 4:53 pm

bjohns--i have run into that on the radio association side of wireless with Cisco Br342 when the WGB software was loaded in error.

What I am not able to determine is if an ethernet connection side of Tranzeo TR-CPE200-15 has the same type of limitation.

At this point, we plan to go forward, as there seems to be a change in the packet which is allowing it to go to the NOC,,even if filtered out.

As we approach the likelyhood of 8 simultaious ethernet connections; we plan to have another piece of equipment on hand should it fail.

I would be more at ease, if i could find out the likelyhood of this working.