AbcLinuxu portal, 6 November 2025 12:14
Hi, I have a strange problem. I have 2 identical MikroTiks with the latest FW, both configured essentially the same, the firewall is off, only masquerade. It's company A and company B, with EoIP between them. At company A I have VLAN10 10.0.1.1 (plus some others), but those aren't what I'm concerned with. The MikroTik has 10 ports split between switch1 and switch2, all ports are in the bridge, the VLANs have their interface set to BRIDGE. SFP1 is a trunk to a switch, eth1 is the internet, eth2 is a trunk to another MikroTik AP, eth3-9 are set to VLAN10.

On Eth3-5 (internal switch1) I have the problem I'm about to describe. On eth3-5 I connect a Linux server (10.0.1.20) and run a ping to seznam.cz; with every new ping it asks the MikroTik's DNS server for the address, and that is where the timeouts occur.
1) Company A, port ETH5, DNS 10.0.1.1, pings are sent roughly every 5 seconds. The ping goes through (0-7), then a DNS query (timeout on the DNS reply, not assigned to vlan10) (8-9), then the ping goes through (10-15), then (16-17) DNS timeout again, ...
This is the capture from the MikroTik's sniffer:
#   TIME    INTERFACE  SRC-ADDRESS           DST-ADDRESS           IP-PROTOCOL  SIZE  CPU
0   3.915   ether5     10.0.1.20:52494       10.0.1.1:53 (dns)     udp          89    0
1   3.915   bridge     10.0.1.20:52494       10.0.1.1:53 (dns)     udp          89    0
2   3.915   vlan10     10.0.1.20:52494       10.0.1.1:53 (dns)     udp          85    0
3   3.916   ether1     192.168.1.201:37366   8.8.8.8:53 (dns)      udp          85    0
4   3.93    ether1     8.8.8.8:53 (dns)      192.168.1.201:37366   udp          112   0
5   3.93    vlan10     10.0.1.1:53 (dns)     10.0.1.20:52494       udp          112   0
6   3.93    bridge     10.0.1.1:53 (dns)     10.0.1.20:52494       udp          116   0
7   3.93    ether5     10.0.1.1:53 (dns)     10.0.1.20:52494       udp          116   0
8   3.943   ether5     10.0.1.20:37912       10.0.1.1:53 (dns)     udp          85    0
9   3.943   bridge     10.0.1.20:37912       10.0.1.1:53 (dns)     udp          85    0
10  8.948   ether5     10.0.1.20:37912       10.0.1.1:53 (dns)     udp          89    0
11  8.948   bridge     10.0.1.20:37912       10.0.1.1:53 (dns)     udp          89    0
12  8.948   vlan10     10.0.1.20:37912       10.0.1.1:53 (dns)     udp          85    0
13  8.949   vlan10     10.0.1.1:53 (dns)     10.0.1.20:37912       udp          112   0
14  8.949   bridge     10.0.1.1:53 (dns)     10.0.1.20:37912       udp          116   0
15  8.949   ether5     10.0.1.1:53 (dns)     10.0.1.20:37912       udp          116   0
16  8.962   ether5     10.0.1.20:37165       10.0.1.1:53 (dns)     udp          85    0
17  8.962   bridge     10.0.1.20:37165       10.0.1.1:53 (dns)     udp          85    0
18  13.967  ether5     10.0.1.20:37165       10.0.1.1:53 (dns)     udp          89    0
19  13.967  bridge     10.0.1.20:37165       10.0.1.1:53 (dns)     udp          89    0
20  13.967  vlan10     10.0.1.20:37165       10.0.1.1:53 (dns)     udp          85    0
21  13.968  vlan10     10.0.1.1:53 (dns)     10.0.1.20:37165       udp          112   0
22  13.968  bridge     10.0.1.1:53 (dns)     10.0.1.20:37165       udp          116   0
23  13.968  ether5     10.0.1.1:53 (dns)     10.0.1.20:37165       udp          116   0
24  13.98   ether5     10.0.1.20:33125       10.0.1.1:53 (dns)     udp          85    0
25  13.98   bridge     10.0.1.20:33125       10.0.1.1:53 (dns)     udp          85    0
2) Same as 1), except that on the server I set DNS to 10.0.2.1 (which is company B over EoIP) and everything works as it should.
3) Same as 1), except that on the server I set DNS to 172.16.20.1 (which is the VPN address on the MikroTik) and everything works as it should.
4) Same as 1), except that on the server I set DNS to 8.8.8.8 and everything works as it should.
5) If I set DNS to 10.0.1.1 (VLAN10) and connect to Eth6-9, which is already internal switch2, or connect to the AP or to the switches that are attached to the MikroTik over a trunk and also have VLANs set on their ports, everything works as it should.
6) If I change the server's address to 10.0.2.20 and plug it into the same configuration on company B's MikroTik, the same ports eth3-5, everything works as it should too.
- The VLANs have interface BRIDGE (it is only created and has no other settings in it).
- The MikroTik's internal switch ports are set like this:
#   NAME              SWITCH   VLAN-MODE  VLAN-HEADER     DEFAULT-VLAN-ID
0   ether1            switch1  disabled   leave-as-is     auto
1   ether2            switch1  secure     add-if-missing  auto
2   ether3            switch1  secure     always-strip    10
3   ether4            switch1  secure     always-strip    10
4   ether5            switch1  secure     always-strip    10
5   ether6            switch2  secure     always-strip    10
6   ether7            switch2  secure     always-strip    10
7   ether8            switch2  secure     always-strip    10
8   ether9            switch2  secure     always-strip    10
9   ether10-service   switch2  disabled   leave-as-is     auto
10  switch1-cpu       switch1  secure     leave-as-is     auto
11  switch2-cpu       switch2  secure     leave-as-is     auto
- The VLANs on the MikroTik's switch are set like this:
#   SWITCH   VLAN-ID  PORTS
0   switch2  10       ether6 ether7 ether8 ether9 switch2-cpu
1   switch1  100      ether2 switch1-cpu
2   switch1  110      ether2 switch1-cpu
3   switch1  10       ether2 ether3 ether4 ether5 switch1-cpu
4   switch1  1        ether2
I've been fiddling with this for about a day and still nothing. I tried disabling EoIP and all the other VLANs except VLAN10, disconnected all the trunks and set the ports to VLAN10, but internal switch 1 on company A's MikroTik simply behaves strangely somehow.
Any advice, please? I really don't know anymore.
# 2023-08-16 12:10:25 by RouterOS 7.11
# software id = GA2P-451I
#
# model = RB3011UiAS
/interface bridge
add admin-mac=78:9A:18:19:04:BD auto-mac=no name=bridge protocol-mode=none
/interface ethernet
set [ find default-name=ether10 ] name=ether10-service
/interface eoip
add mac-address=02:11:8E:E5:5E:4F name=eoip-tunnel1 remote-address=\
172.16.20.2 tunnel-id=100
/interface vlan
add interface=bridge name=vlan10 vlan-id=10
add interface=bridge name=vlan100 vlan-id=100
add interface=bridge name=vlan110 vlan-id=110
/interface ethernet switch port
set 1 vlan-header=add-if-missing vlan-mode=secure
set 2 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 3 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 4 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 5 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 6 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 7 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 8 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 10 vlan-mode=secure
set 11 vlan-mode=secure
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec profile
set [ find default=yes ] enc-algorithm=aes-256,aes-128,3des
/ip pool
add name=dhcp_pool_firma ranges=10.0.1.50-10.0.1.250
add name=dhcp_pool_najemnici ranges=10.0.100.10-10.0.100.250
add name=l2tp-pool ranges=172.16.20.10-172.16.20.250
add name=dhcp_pool_navsteva ranges=10.0.110.10-10.0.110.250
add name=dhcp_pool_service ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool_firma interface=vlan10 lease-time=10m name=dhcp1
add address-pool=dhcp_pool_najemnici interface=vlan100 lease-time=10m name=\
dhcp2
add address-pool=dhcp_pool_navsteva interface=vlan110 name=dhcp3
add address-pool=dhcp_pool_service interface=ether10-service name=dhcp4
/port
set 0 name=serial0
/ppp profile
add dns-server=172.16.20.1 local-address=172.16.20.1 name=l2tp-vpn \
remote-address=l2tp-pool
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/interface bridge port
add bridge=bridge ingress-filtering=no interface=ether2
add bridge=bridge ingress-filtering=no interface=ether3
add bridge=bridge ingress-filtering=no interface=ether4
add bridge=bridge ingress-filtering=no interface=ether5
add bridge=bridge ingress-filtering=no interface=ether7
add bridge=bridge ingress-filtering=no interface=ether8
add bridge=bridge ingress-filtering=no interface=ether9
add bridge=bridge ingress-filtering=no interface=eoip-tunnel1
add bridge=bridge ingress-filtering=no interface=ether6
add bridge=bridge interface=sfp1
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes forward=no max-neighbor-entries=8192
/interface ethernet switch vlan
add independent-learning=no ports=ether6,ether7,ether8,ether9,switch2-cpu \
switch=switch2 vlan-id=10
add independent-learning=no ports=ether2,switch1-cpu switch=switch1 vlan-id=\
100
add independent-learning=no ports=ether2,switch1-cpu switch=switch1 vlan-id=\
110
add independent-learning=no ports=ether2,ether3,ether4,ether5,switch1-cpu \
switch=switch1 vlan-id=10
add independent-learning=no ports=ether2 switch=switch1 vlan-id=1
/interface l2tp-server server
set default-profile=l2tp-vpn enabled=yes use-ipsec=required
/interface list member
add comment=defconf interface=bridge list=LAN
add comment=defconf interface=ether1 list=WAN
/interface ovpn-server server
set auth=sha1,md5
/interface sstp-server server
set default-profile=default-encryption enabled=yes
/ip address
add address=10.0.1.1/24 interface=vlan10 network=10.0.1.0
add address=192.168.1.201/24 interface=ether1 network=192.168.1.0
add address=10.0.100.1/24 interface=vlan100 network=10.0.100.0
add address=10.0.50.1/24 interface=eoip-tunnel1 network=10.0.50.0
add address=10.0.110.1/24 interface=vlan110 network=10.0.110.0
add address=192.168.88.1/24 interface=ether10-service network=192.168.88.0
/ip dhcp-server network
add address=10.0.1.0/24 dns-server=10.0.1.1 domain=tis gateway=10.0.1.1 \
netmask=24
add address=10.0.100.0/24 dns-server=10.0.100.1 gateway=10.0.100.1
add address=10.0.110.0/24 dns-server=10.0.110.1 gateway=10.0.110.1 netmask=24
add address=192.168.88.0/24 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes max-concurrent-queries=500 \
max-concurrent-tcp-sessions=100 servers=8.8.8.8
/ip dns static
add disabled=yes forward-to=10.0.2.1 regexp=".*\\.brn" type=FWD
add address=10.0.1.2 disabled=yes name=switch1.tis
add address=10.0.1.1 name=gw.tis
add address=10.0.1.3 disabled=yes name=wifi1.tis
/ip firewall filter
add action=fasttrack-connection chain=forward comment=\
"Povolit rychle odbaveni navazaneho spojeni FORWARD" connection-state=\
established,related hw-offload=yes
add action=accept chain=forward comment="Povolit navazana spojeni na FORWARD" \
connection-state=established,related
add action=accept chain=input comment="Povolit navazana spojeni na INPUT" \
connection-state=established,related,untracked
add action=accept chain=input comment="Povolit ICMP" protocol=icmp
add action=accept chain=input comment="Allow L2PT / IPSec VPN access" \
dst-port=500,1701,4500 in-interface-list=WAN protocol=udp
add action=accept chain=input in-interface-list=WAN protocol=ipsec-ah
add action=accept chain=input in-interface-list=WAN protocol=ipsec-esp
add action=accept chain=forward dst-address-list=Firma src-address-list=Firma
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.1.1
add disabled=no dst-address=10.0.2.0/24 gateway=10.0.50.2
/lcd
set backlight-timeout=never default-screen=stats
/ppp secret
add name=test-user profile=l2tp-vpn
add name=MikrotikBrn profile=l2tp-vpn remote-address=172.16.20.2
/routing bfd configuration
add disabled=no interfaces=all min-rx=200us min-tx=200us multiplier=5
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=RouterOS
/system note
set show-at-login=no
/system ntp client
set mode=broadcast
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool sniffer
set filter-port=dns
# 2023-08-16 17:31:09 by RouterOS 7.11
# software id = 3F52-2YL3
#
# model = RB3011UiAS
# serial number = HER0927FV0Z
/interface ethernet
set [ find default-name=ether1 ] mac-address=78:9A:18:19:04:BC
set [ find default-name=ether2 ] mac-address=78:9A:18:19:04:BD
set [ find default-name=ether3 ] mac-address=78:9A:18:19:04:BE
set [ find default-name=ether4 ] mac-address=78:9A:18:19:04:BF
set [ find default-name=ether5 ] mac-address=78:9A:18:19:04:C0
set [ find default-name=ether6 ] mac-address=78:9A:18:19:04:C2
set [ find default-name=ether7 ] mac-address=78:9A:18:19:04:C3
set [ find default-name=ether8 ] mac-address=78:9A:18:19:04:C4
set [ find default-name=ether9 ] mac-address=78:9A:18:19:04:C5
set [ find default-name=ether10 ] mac-address=78:9A:18:19:04:C6 name=\
ether10-service
set [ find default-name=sfp1 ] mac-address=78:9A:18:19:04:C1
/interface vlan
add interface=ether5 name=vlan10 vlan-id=10
/interface ethernet switch port
set 1 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 2 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 3 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 4 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 10 vlan-mode=secure
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec profile
set [ find default=yes ] enc-algorithm=aes-256,aes-128,3des
/ip pool
add name=dhcp_pool_firma ranges=10.0.1.50-10.0.1.250
add name=dhcp_pool_service ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool_service interface=ether10-service name=dhcp4
/port
set 0 name=serial0
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes forward=no max-neighbor-entries=8192
/interface ethernet switch vlan
add independent-learning=no ports=ether2,ether3,ether4,ether5,switch1-cpu \
switch=switch1 vlan-id=10
/interface l2tp-server server
set default-profile=default use-ipsec=required
/interface list member
add comment=defconf interface=vlan10 list=LAN
add comment=defconf interface=ether1 list=WAN
add interface=ether9 list=WAN
/interface ovpn-server server
set auth=sha1,md5
/interface sstp-server server
set default-profile=default-encryption
/ip address
add address=10.0.1.1/24 interface=vlan10 network=10.0.1.0
add address=192.168.1.201/24 interface=ether1 network=192.168.1.0
add address=192.168.88.1/24 interface=ether10-service network=192.168.88.0
/ip dhcp-server
add address-pool=dhcp_pool_firma interface=*D lease-time=10m name=dhcp1
/ip dhcp-server network
add address=10.0.1.0/24 dns-server=10.0.1.1 domain=tis gateway=10.0.1.1 \
netmask=24
add address=192.168.88.0/24 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes max-concurrent-queries=500 \
max-concurrent-tcp-sessions=100 servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.1.1
/lcd
set backlight-timeout=never default-screen=stats
/routing bfd configuration
add disabled=no interfaces=all min-rx=200us min-tx=200us multiplier=5
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=RouterOS
/system note
set show-at-login=no
/system ntp client
set mode=broadcast
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool sniffer
set filter-port=dns
2) Eth1: internet, VLAN10 on the interface BRIDGE, with only Eth5 in the BRIDGE
# 2023-08-16 17:35:24 by RouterOS 7.11
# software id = 3F52-2YL3
#
# model = RB3011UiAS
# serial number = HER0927FV0Z
/interface bridge
add name=bridge1
/interface ethernet
set [ find default-name=ether1 ] mac-address=78:9A:18:19:04:BC
set [ find default-name=ether2 ] mac-address=78:9A:18:19:04:BD
set [ find default-name=ether3 ] mac-address=78:9A:18:19:04:BE
set [ find default-name=ether4 ] mac-address=78:9A:18:19:04:BF
set [ find default-name=ether5 ] mac-address=78:9A:18:19:04:C0
set [ find default-name=ether6 ] mac-address=78:9A:18:19:04:C2
set [ find default-name=ether7 ] mac-address=78:9A:18:19:04:C3
set [ find default-name=ether8 ] mac-address=78:9A:18:19:04:C4
set [ find default-name=ether9 ] mac-address=78:9A:18:19:04:C5
set [ find default-name=ether10 ] mac-address=78:9A:18:19:04:C6 name=\
ether10-service
set [ find default-name=sfp1 ] mac-address=78:9A:18:19:04:C1
/interface vlan
add interface=bridge1 name=vlan10 vlan-id=10
/interface ethernet switch port
set 1 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 2 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 3 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 4 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 10 vlan-mode=secure
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface lte apn
set [ find default=yes ] ip-type=ipv4 use-network-apn=no
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip ipsec profile
set [ find default=yes ] enc-algorithm=aes-256,aes-128,3des
/ip pool
add name=dhcp_pool_firma ranges=10.0.1.50-10.0.1.250
add name=dhcp_pool_service ranges=192.168.88.2-192.168.88.254
/ip dhcp-server
add address-pool=dhcp_pool_firma interface=bridge1 lease-time=10m name=dhcp1
add address-pool=dhcp_pool_service interface=ether10-service name=dhcp4
/port
set 0 name=serial0
/routing bgp template
set default disabled=no output.network=bgp-networks
/routing ospf instance
add disabled=no name=default-v2
/routing ospf area
add disabled=yes instance=default-v2 name=backbone-v2
/interface bridge port
add bridge=bridge1 interface=ether5
/ip neighbor discovery-settings
set discover-interface-list=LAN
/ip settings
set max-neighbor-entries=8192
/ipv6 settings
set disable-ipv6=yes forward=no max-neighbor-entries=8192
/interface ethernet switch vlan
add independent-learning=no ports=ether2,ether3,ether4,ether5,switch1-cpu \
switch=switch1 vlan-id=10
/interface l2tp-server server
set default-profile=default use-ipsec=required
/interface list member
add comment=defconf interface=vlan10 list=LAN
add comment=defconf interface=ether1 list=WAN
add interface=ether9 list=WAN
/interface ovpn-server server
set auth=sha1,md5
/interface sstp-server server
set default-profile=default-encryption
/ip address
add address=10.0.1.1/24 interface=vlan10 network=10.0.1.0
add address=192.168.1.201/24 interface=ether1 network=192.168.1.0
add address=192.168.88.1/24 interface=ether10-service network=192.168.88.0
/ip dhcp-server network
add address=10.0.1.0/24 dns-server=10.0.1.1 domain=tis gateway=10.0.1.1 \
netmask=24
add address=192.168.88.0/24 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes max-concurrent-queries=500 \
max-concurrent-tcp-sessions=100 servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface-list=WAN
/ip route
add disabled=no dst-address=0.0.0.0/0 gateway=192.168.1.1
/lcd
set backlight-timeout=never default-screen=stats
/routing bfd configuration
add disabled=no interfaces=all min-rx=200us min-tx=200us multiplier=5
/system clock
set time-zone-name=Europe/Prague
/system identity
set name=RouterOS
/system note
set show-at-login=no
/system ntp client
set mode=broadcast
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool sniffer
set filter-port=dns
The only real difference is that in one case I assign VLAN10 directly to Eth5 and in the other I assign VLAN10 to a BRIDGE that contains only Eth5.
And one more thing: when I want to go back from the non-working configuration by deleting the BRIDGE, that doesn't work either; I have to reboot the MikroTik. Something is hanging somewhere, I don't know what.
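The sniffer capture quoted earlier in the post can be triaged mechanically rather than by eye. The following Python script is an added example, not part of the original post and not a RouterOS tool: it parses the `/tool sniffer` rows (a subset of the quoted rows is embedded as constructed sample input), groups the DNS packets by the client's ephemeral source port, splits each port into retransmit attempts, and reports for every attempt which interfaces on the ether5 -> bridge -> vlan10 ingress path the query was seen on and whether a reply followed. It also tabulates the frame size on ether5 for answered versus unanswered attempts; on the quoted rows that comes out as 89 versus 85 bytes, and 4 bytes is the length of one 802.1Q tag. That is an observation about the capture, not a diagnosis of the configuration. The interface order in `PATH`, the client address and the 1-second retransmit gap are assumptions made for the example.

```python
import re
from collections import defaultdict
from dataclasses import dataclass, field

# Constructed sample input: rows 0-2 and 5-15 of the sniffer capture quoted in the post.
CAPTURE = """
0 3.915 ether5 10.0.1.20:52494 10.0.1.1:53 (dns) udp 89 0
1 3.915 bridge 10.0.1.20:52494 10.0.1.1:53 (dns) udp 89 0
2 3.915 vlan10 10.0.1.20:52494 10.0.1.1:53 (dns) udp 85 0
5 3.93 vlan10 10.0.1.1:53 (dns) 10.0.1.20:52494 udp 112 0
6 3.93 bridge 10.0.1.1:53 (dns) 10.0.1.20:52494 udp 116 0
7 3.93 ether5 10.0.1.1:53 (dns) 10.0.1.20:52494 udp 116 0
8 3.943 ether5 10.0.1.20:37912 10.0.1.1:53 (dns) udp 85 0
9 3.943 bridge 10.0.1.20:37912 10.0.1.1:53 (dns) udp 85 0
10 8.948 ether5 10.0.1.20:37912 10.0.1.1:53 (dns) udp 89 0
11 8.948 bridge 10.0.1.20:37912 10.0.1.1:53 (dns) udp 89 0
12 8.948 vlan10 10.0.1.20:37912 10.0.1.1:53 (dns) udp 85 0
13 8.949 vlan10 10.0.1.1:53 (dns) 10.0.1.20:37912 udp 112 0
14 8.949 bridge 10.0.1.1:53 (dns) 10.0.1.20:37912 udp 116 0
15 8.949 ether5 10.0.1.1:53 (dns) 10.0.1.20:37912 udp 116 0
"""

PATH = ("ether5", "bridge", "vlan10")  # assumed ingress order for a frame from eth5 to the router
DNS_PORT = 53
RETRY_GAP = 1.0  # same client port, more than 1 s apart: treat as a resolver retransmit (assumed)

ROW_RE = re.compile(
    r"^\d+\s+(?P<time>[\d.]+)\s+(?P<iface>\S+)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)(?:\s\(dns\))?\s+"
    r"(?P<dst>[\d.]+):(?P<dport>\d+)(?:\s\(dns\))?\s+"
    r"(?P<proto>\S+)\s+(?P<size>\d+)\s+\d+$")

@dataclass
class Attempt:
    start: float
    query_sizes: dict = field(default_factory=dict)   # interface -> frame size of the query
    reply_ifaces: list = field(default_factory=list)  # interfaces the reply was seen on
    @property
    def answered(self):
        return bool(self.reply_ifaces)
    def missing(self, path=PATH):
        return [i for i in path if i not in self.query_sizes]

def parse_rows(text):
    rows = []
    for line in text.strip().splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            raise ValueError(f"unparsed sniffer row: {line!r}")
        rows.append({k: float(v) if k == "time" else int(v) if v.isdigit() else v
                     for k, v in m.groupdict().items()})
    return rows

def triage(rows, client="10.0.1.20"):
    """Group DNS packets by the client's ephemeral port and split each port into attempts."""
    attempts = defaultdict(list)  # client port -> [Attempt, ...]
    for r in sorted(rows, key=lambda r: r["time"]):
        if r["src"] == client and r["dport"] == DNS_PORT:
            port, is_query = r["sport"], True
        elif r["dst"] == client and r["sport"] == DNS_PORT:
            port, is_query = r["dport"], False
        else:
            continue  # e.g. the router's own upstream query to 8.8.8.8 on ether1
        lst = attempts[port]
        if is_query and (not lst or r["time"] - lst[-1].start > RETRY_GAP):
            lst.append(Attempt(start=r["time"]))
        if not lst:
            continue  # reply with no query in the capture: nothing to attach it to
        if is_query:
            lst[-1].query_sizes[r["iface"]] = r["size"]
        else:
            lst[-1].reply_ifaces.append(r["iface"])
    return {p: l for p, l in attempts.items() if l}

def report(attempts, path=PATH):
    """One line per attempt: answered, or the interfaces in `path` the query never reached."""
    lines = []
    for port, lst in sorted(attempts.items(), key=lambda kv: kv[1][0].start):
        for a in lst:
            seen = ",".join(i for i in path if i in a.query_sizes)
            verdict = "answered" if a.answered else "NO REPLY, never seen on " + ",".join(a.missing(path))
            lines.append(f"t={a.start:<7} port {port}: query on {seen}; {verdict}")
    return lines

def ingress_size_by_outcome(attempts, first_hop=PATH[0]):
    """Frame size on the physical port, answered vs unanswered attempts.  On the quoted
    capture this is {89} vs {85}; 4 bytes is one 802.1Q tag (an observation, not a diagnosis)."""
    out = {"answered": set(), "unanswered": set()}
    for lst in attempts.values():
        for a in lst:
            if first_hop in a.query_sizes:
                out["answered" if a.answered else "unanswered"].add(a.query_sizes[first_hop])
    return out

if __name__ == "__main__":
    att = triage(parse_rows(CAPTURE))
    print("\n".join(report(att)))
    print(ingress_size_by_outcome(att))
```

Run as-is it prints one line per attempt; the 3.943 attempt on port 37912 is reported as seen on ether5 and bridge but never on vlan10 with no reply, while the retransmit at 8.948 on the same port reaches vlan10 and is answered. To apply it to a fresh capture, paste the rows from `/tool sniffer packet print` into `CAPTURE` and adjust `PATH` to the port you are testing on.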