RouterOS DHCP-Client Problem

L

Linus

0
Huhu,
ich habe mir vor ein paar Tagen ein Ros Gerät zugelegt, es funktioniert alles super, bis auf eine Sache:
Meine Wlan Brigde, die aktuell noch hinter der FritzBox hängt, bekommt als DHCP-Client keine Ip vom DHCP der Fritzbox, folglich funktioniert auch der Time-Server nicht...
Ich hoffe auf schnelle Hilfe, schonmal Danke ;)
Gruß,
UltimatumNeoLink
 
Zuletzt bearbeitet:
Ist der Adressenraum vom DHCP-Server groß genug, nicht das schon alles vergeben ist?
Befinden sich alles Geräte im selben Netz?
Hast du MAC-Filter drin?
Fritzbox eventuell mal neu starten.
 
Wie sieht denn deine Konfiguration aus? Lauscht ein DHCP-Client am richtigen Interface, was sagt '/ip dhcp-client print'? Wie ist der Router mit der Fritzbox verbunden. Ggf. Firewall-Settings vorhanden, die dazwischen funken können? Kurz: Gib mal bitte ein paar Details zu deinem Setup.
 
Huhu,
die Brigde ist auf Port 1 mit der Fritzbox verbunden, es gibt KEINE Firewall zwischen den 2 Geräten. Ich habe bei den 2 internen Switchen des MikroTik Gerätes jeweils alle Ports auf einen Master-Port gesetzt und Wlan + die 2 Switche in eine gemeinsame Brigde getan, auch Port 1 ist in der Brigde (Master 2). Das verbindene via Ip via Winbox funktioniert komischerweiße... Im Grunde genommen ist er wie ein Switch konfiguriert, bloß mit Wlan :P
In der Route List seteht ein einziger Route: Dst. Adress ist 192.168.178.0/24 Gateway bridge 1 ???
@bitmincher: /ip dhcp-client print sagt:
# INTERFACE USE ADD-DEFAULT-ROUTE SATUS ADDRESS
0 ether1 no no searching..
@Anycast: ja, es sind noch geung Adressen da.

Meine Vermutung ist, dass die Brigde nicht weiß, wie sie zum anderen Router kommen kann, der mit dem Internet verbunden ist.
Gruß,
UltimatumNeoLink
 
Wie sieht denn die Bridge-Konfiguration aus? Welchen Protocol-Mode verwendest du, ist ARP für die Bridge aktiviert, ist sie als Root-Bridge konfiguriert, ist eine Admin-MAC festgelegt? Verwenden die Interfaces ggf. eine Flow-Control oder sind irgendwelche Master-Ports eingestellt? Taucht deine Bridge in der ARP-Tabelle als Interface auf? Gibt's vielleicht auch Fehler in den Logs? Und hast du tatsächlich im MikroTik-Gerät die Firewall-Konfigurationen entfernt?

Je detaillierter du uns Infos zu deiner Konfiguration gibst, umso leichter lassen sich Fehler nachvollziehen. Mit '/export verbose' kannst du deine Router-Konfiguration komplett anzeigen lassen. Vielleicht also einfach mal den Output davon hier posten, nachdem du die Passwörter u.ä. im Output geändert hast.

Heute werde ich es allerdings nicht mehr schaffen da durchzugucken.
 
Huhu,
hier mal die Config:
# jan/03/1970 23:03:59 by RouterOS 6.5
# software id = KF9J-1GNQ
#
/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
disabled=no forward-delay=15s l2mtu=1598 max-message-age=20s mtu=1500 \
name=bridge1 priority=0x8000 protocol-mode=none transmit-hold-count=6
/interface ethernet
set [ find default-name=ether2 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited comment="All ports are switched together on ether2" \
disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:B2:7D:5C \
master-port=none mtu=1500 name=ether2 orig-mac-address=00:0C:42:B2:7D:5C \
speed=100Mbps
set [ find default-name=ether3 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:B2:7D:5D master-port=ether2 mtu=1500 name=ether3 \
orig-mac-address=00:0C:42:B2:7D:5D speed=100Mbps
set [ find default-name=ether4 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:B2:7D:5E master-port=ether2 mtu=1500 name=ether4 \
orig-mac-address=00:0C:42:B2:7D:5E speed=100Mbps
set [ find default-name=ether5 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:B2:7D:5F master-port=ether2 mtu=1500 name=ether5 \
orig-mac-address=00:0C:42:B2:7D:5F speed=100Mbps
set [ find default-name=ether6 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited comment="All ports are switched together on ether6" \
disabled=no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:B2:7D:60 \
master-port=none mtu=1500 name=ether6 orig-mac-address=00:0C:42:B2:7D:60 \
speed=100Mbps
set [ find default-name=ether7 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:B2:7D:61 master-port=ether6 mtu=1500 name=ether7 \
orig-mac-address=00:0C:42:B2:7D:61 speed=100Mbps
set [ find default-name=ether8 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:B2:7D:62 master-port=ether6 mtu=1500 name=ether8 \
orig-mac-address=00:0C:42:B2:7D:62 speed=100Mbps
set [ find default-name=ether9 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:B2:7D:63 master-port=ether6 mtu=1500 name=ether9 \
orig-mac-address=00:0C:42:B2:7D:63 speed=100Mbps
set [ find default-name=ether10 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited disabled=no full-duplex=yes l2mtu=1598 mac-address=\
00:0C:42:B2:7D:64 master-port=ether6 mtu=1500 name=ether10 \
orig-mac-address=00:0C:42:B2:7D:64 poe-out=auto-on speed=100Mbps
set [ find default-name=sfp1 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited comment="SFP Interface - no configuration" disabled=\
no full-duplex=yes l2mtu=1598 mac-address=00:0C:42:B2:7D:5A master-port=\
none mtu=1500 name=sfp1 orig-mac-address=00:0C:42:B2:7D:5A \
sfp-rate-select=high speed=1Gbps
/ip neighbor discovery
set ether2 comment="All ports are switched together on ether2" discover=yes
set ether3 discover=yes
set ether4 discover=yes
set ether5 discover=yes
set ether6 comment="All ports are switched together on ether6" discover=yes
set ether7 discover=yes
set ether8 discover=yes
set ether9 discover=yes
set ether10 discover=yes
set sfp1 comment="SFP Interface - no configuration" discover=yes
set bridge1 discover=yes
/interface ethernet
set [ find default-name=ether1 ] arp=enabled auto-negotiation=yes bandwidth=\
unlimited/unlimited comment="Input LAN - Master is 2" disabled=no \
full-duplex=yes l2mtu=1598 mac-address=00:0C:42:B2:7D:5B master-port=\
ether2 mtu=1500 name=ether1 orig-mac-address=00:0C:42:B2:7D:5B speed=\
100Mbps
/ip neighbor discovery
set ether1 comment="Input LAN - Master is 2" discover=yes
/interface ethernet switch
set 0 mirror-source=none mirror-target=none name=switch1
set 1 mirror-source=none mirror-target=none name=switch2
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa2-psk eap-methods=\
passthrough group-ciphers=aes-ccm group-key-update=5m interim-update=0s \
management-protection=disabled management-protection-key="" mode=\
dynamic-keys mschapv2-password="" mschapv2-username="" name=default \
radius-eap-accounting=no radius-mac-accounting=no \
radius-mac-authentication=no radius-mac-caching=disabled \
radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \
static-sta-private-algo=none static-sta-private-key="" \
static-transmit-key=key-0 supplicant-identity=MikroTik tls-certificate=\
none tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key=\
r6OFlAZ8wQ5XgL5lLBKlQaFq5Ex0GPtzu1uAR6Q812vtPKDLRtquUzAgRoXyn8lI \
wpa2-pre-shared-key=\
r6OF2AZ8wQyXgL5lLBKlQ5Fq5Ex0GP5zu1uARKQ812vtPKDLRtquUzAgRoXyn8lI
add authentication-types=wpa-psk,wpa2-psk eap-methods="" group-ciphers=\
aes-ccm group-key-update=5m interim-update=0s management-protection=\
allowed management-protection-key="" mode=dynamic-keys mschapv2-password=\
"" mschapv2-username="" name=WPA2 radius-eap-accounting=no \
radius-mac-accounting=no radius-mac-authentication=no radius-mac-caching=\
disabled radius-mac-format=XX:XX:XX:XX:XX:XX radius-mac-mode=as-username \
static-algo-0=none static-algo-1=none static-algo-2=none static-algo-3=\
none static-key-0="" static-key-1="" static-key-2="" static-key-3="" \
static-sta-private-algo=none static-sta-private-key="" \
static-transmit-key=key-0 supplicant-identity="" tls-certificate=none \
tls-mode=no-certificates unicast-ciphers=aes-ccm wpa-pre-shared-key=\
jduebqpmqn wpa2-pre-shared-key=jduebqpmqn
/interface wireless
set [ find default-name=wlan1 ] adaptive-noise-immunity=none allow-sharedkey=\
no antenna-gain=0 area="" arp=enabled band=2ghz-b/g/n basic-rates-a/g=\
6Mbps basic-rates-b=1Mbps bridge-mode=enabled channel-width=20mhz \
compression=no country=germany default-ap-tx-limit=0 \
default-authentication=no default-client-tx-limit=0 default-forwarding=\
yes dfs-mode=no-radar-detect disable-running-check=no disabled=no \
disconnect-timeout=3s distance=dynamic frame-lifetime=0 frequency=2427 \
frequency-mode=manual-txpower frequency-offset=0 hide-ssid=no \
ht-ampdu-priorities=0 ht-amsdu-limit=8192 ht-amsdu-threshold=8192 \
ht-basic-mcs=mcs-0,mcs-1,mcs-2,mcs-3,mcs-4,mcs-5,mcs-6,mcs-7 \
ht-guard-interval=any ht-rxchains=0,1 ht-supported-mcs="mcs-0,mcs-1,mcs-2,\
mcs-3,mcs-4,mcs-5,mcs-6,mcs-7,mcs-8,mcs-9,mcs-10,mcs-11,mcs-12,mcs-13,mcs-\
14,mcs-15,mcs-16,mcs-17,mcs-18,mcs-19,mcs-20,mcs-21,mcs-22,mcs-23" \
ht-txchains=0,1 hw-fragmentation-threshold=disabled hw-protection-mode=\
none hw-protection-threshold=0 hw-retries=7 interworking-profile=disabled \
l2mtu=2290 mac-address=00:0C:42:B2:7D:65 max-station-count=2007 mode=\
ap-bridge mtu=1500 multicast-buffering=enabled multicast-helper=default \
name=wlan1 noise-floor-threshold=default nv2-cell-radius=10 \
nv2-noise-floor-offset=default nv2-preshared-key=\
RRusQKahYh3lBIVbUek2fYHgkU1VeL235IcTAzYalN72SOwP2VJQ8vpsMPm152pdC nv2-qos=\
default nv2-queue-count=2 nv2-security=enabled on-fail-retry-time=100ms \
periodic-calibration=default periodic-calibration-interval=60 \
preamble-mode=both proprietary-extensions=post-2.9.25 radio-name=\
000C42B27D65 rate-selection=advanced rate-set=default scan-list=default \
security-profile=WPA2 ssid=MikroTik-Home-AP station-bridge-clone-mac=\
00:00:00:00:00:00 supported-rates-a/g=\
6Mbps,9Mbps,12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps supported-rates-b=\
1Mbps,2Mbps,5.5Mbps,11Mbps tdma-period-size=2 tx-power-mode=default \
update-stats-interval=disabled wds-cost-range=50-150 wds-default-bridge=\
none wds-default-cost=100 wds-ignore-ssid=no wds-mode=disabled \
wireless-protocol=802.11 wmm-support=disabled
/interface wireless manual-tx-power-table
set wlan1 manual-tx-powers="1Mbps:17,2Mbps:17,5.5Mbps:17,11Mbps:17,6Mbps:17,9M\
bps:17,12Mbps:17,18Mbps:17,24Mbps:17,36Mbps:17,48Mbps:17,54Mbps:17,HT20-0:\
17,HT20-1:17,HT20-2:17,HT20-3:17,HT20-4:17,HT20-5:17,HT20-6:17,HT20-7:17,H\
T40-0:17,HT40-1:17,HT40-2:17,HT40-3:17,HT40-4:17,HT40-5:17,HT40-6:17,HT40-\
7:17"
/ip neighbor discovery
set wlan1 discover=yes
/interface wireless nstreme
set wlan1 disable-csma=no enable-nstreme=no enable-polling=yes framer-limit=\
3200 framer-policy=none
/ip dhcp-client option
set clientid code=61 name=clientid value="0x01\$(CLIENT_MAC)"
set hostname code=12 name=hostname value="\$(HOSTNAME)"
/ip dhcp-server
add address-pool=static-only authoritative=after-2sec-delay bootp-support=\
static disabled=yes interface=sfp1 lease-script="" lease-time=3d name=\
dhcp1
add address-pool=static-only authoritative=after-2sec-delay bootp-support=\
static disabled=yes lease-script="" lease-time=3d name=dhcp2
/ip hotspot profile
set [ find default=yes ] dns-name="" hotspot-address=0.0.0.0 html-directory=\
hotspot http-cookie-lifetime=3d http-proxy=0.0.0.0:0 login-by=\
cookie,http-chap name=default rate-limit="" smtp-server=0.0.0.0 \
split-user-domain=no use-radius=no
/ip hotspot user profile
set [ find default=yes ] add-mac-cookie=yes address-list="" idle-timeout=none \
!insert-queue-before keepalive-timeout=2m mac-cookie-timeout=3d name=\
default !parent-queue !queue-type shared-users=1 status-autorefresh=1m \
transparent-proxy=no
/ip ipsec mode-cfg
set (unknown) name=request-only send-dns=yes
/ip ipsec policy group
set default name=default
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=sha1 disabled=no enc-algorithms=3des \
lifetime=30m name=default pfs-group=modp1024
/port
set 0 baud-rate=auto data-bits=8 flow-control=none name=serial0 parity=none \
stop-bits=1
/ppp profile
set 0 address-list="" !bridge !bridge-path-cost !bridge-port-priority \
change-tcp-mss=yes !dns-server !idle-timeout !incoming-filter \
!insert-queue-before !local-address name=default only-one=default \
!outgoing-filter !parent-queue !queue-type !rate-limit !remote-address \
!session-timeout use-compression=default use-encryption=default use-mpls=\
default use-vj-compression=default !wins-server
set 1 address-list="" !bridge !bridge-path-cost !bridge-port-priority \
change-tcp-mss=yes !dns-server !idle-timeout !incoming-filter \
!insert-queue-before !local-address name=default-encryption only-one=\
default !outgoing-filter !parent-queue !queue-type !rate-limit \
!remote-address !session-timeout use-compression=default use-encryption=\
yes use-mpls=default use-vj-compression=default !wins-server
/queue type
set 0 kind=pfifo name=default pfifo-limit=50
set 1 kind=pfifo name=ethernet-default pfifo-limit=50
set 2 kind=sfq name=wireless-default sfq-allot=1514 sfq-perturb=5
set 3 kind=red name=synchronous-default red-avg-packet=1000 red-burst=20 \
red-limit=60 red-max-threshold=50 red-min-threshold=10
set 4 kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=5
set 5 kind=pcq name=pcq-upload-default pcq-burst-rate=0 pcq-burst-threshold=0 \
pcq-burst-time=10s pcq-classifier=src-address pcq-dst-address-mask=32 \
pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 pcq-src-address-mask=32 \
pcq-src-address6-mask=128 pcq-total-limit=2000
set 6 kind=pcq name=pcq-download-default pcq-burst-rate=0 \
pcq-burst-threshold=0 pcq-burst-time=10s pcq-classifier=dst-address \
pcq-dst-address-mask=32 pcq-dst-address6-mask=128 pcq-limit=50 pcq-rate=0 \
pcq-src-address-mask=32 pcq-src-address6-mask=128 pcq-total-limit=2000
set 7 kind=none name=only-hardware-queue
set 8 kind=mq-pfifo mq-pfifo-limit=50 name=multi-queue-ethernet-default
set 9 kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes !cluster-id \
!confederation disabled=no ignore-as-path-len=no name=default out-filter=\
"" redistribute-connected=no redistribute-ospf=no redistribute-other-bgp=\
no redistribute-rip=no redistribute-static=no router-id=0.0.0.0 \
routing-table=""
/routing ospf instance
set [ find default=yes ] disabled=no distribute-default=never !domain-id \
!domain-tag in-filter=ospf-in metric-bgp=auto metric-connected=20 \
metric-default=1 metric-other-ospf=auto metric-rip=20 metric-static=20 \
!mpls-te-area !mpls-te-router-id name=default out-filter=ospf-out \
redistribute-bgp=no redistribute-connected=no redistribute-other-ospf=no \
redistribute-rip=no redistribute-static=no router-id=0.0.0.0 \
!routing-table !use-dn
/routing ospf area
set [ find default=yes ] area-id=0.0.0.0 disabled=no instance=default name=\
backbone type=default
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0 authentication-password="" \
authentication-protocol=MD5 encryption-password="" encryption-protocol=\
DES name=public read-access=yes security=none write-access=no
/system logging action
set 0 memory-lines=1000 memory-stop-on-full=no name=memory target=memory
set 1 disk-file-count=2 disk-file-name=log disk-lines-per-file=1000 \
disk-stop-on-full=no name=disk target=disk
set 2 name=echo remember=yes target=echo
set 3 bsd-syslog=no name=remote remote-port=514 src-address=0.0.0.0 \
syslog-facility=daemon syslog-severity=auto syslog-time-format=bsd-syslog \
target=remote
/user group
set read name=read policy="local,telnet,ssh,reboot,read,test,winbox,password,w\
eb,sniff,sensitive,api,!ftp,!write,!policy" skin=default
set write name=write policy="local,telnet,ssh,reboot,read,write,test,winbox,pa\
ssword,web,sniff,sensitive,api,!ftp,!policy" skin=default
set full name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy,test,\
winbox,password,web,sniff,sensitive,api" skin=default
/interface bridge filter
add !802.3-sap !802.3-type action=drop !arp-dst-address !arp-dst-mac-address \
!arp-gratuitous !arp-hardware-type !arp-opcode !arp-packet-type \
!arp-src-address !arp-src-mac-address chain=input disabled=yes \
!dst-address !dst-mac-address dst-port=68 !in-bridge in-interface=ether1 \
!ingress-priority ip-protocol=udp !limit mac-protocol=ip !out-bridge \
!out-interface !packet-mark !packet-type !src-address !src-mac-address \
!src-port !stp-flags !stp-forward-delay !stp-hello-time !stp-max-age \
!stp-msg-age !stp-port !stp-root-address !stp-root-cost \
!stp-root-priority !stp-sender-priority !stp-type !vlan-encap !vlan-id \
!vlan-priority
/interface bridge port
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether2 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=ether6 path-cost=10 point-to-point=auto priority=0x80
add bridge=bridge1 disabled=no edge=auto external-fdb=auto horizon=none \
interface=wlan1 path-cost=10 point-to-point=auto priority=0x80
/interface bridge settings
set allow-fast-path=yes use-ip-firewall=no use-ip-firewall-for-pppoe=no \
use-ip-firewall-for-vlan=no
/interface ethernet switch port
set 0 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 1 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 2 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 3 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 4 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 5 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 6 default-vlan-id=0 vlan-header=leave-as-is vlan-mode=disabled
set 7 default-vlan-id=0 vlan-header=leave-as-is vlan-mode=disabled
set 8 default-vlan-id=0 vlan-header=leave-as-is vlan-mode=disabled
set 9 default-vlan-id=0 vlan-header=leave-as-is vlan-mode=disabled
set 10 default-vlan-id=0 vlan-header=leave-as-is vlan-mode=disabled
set 11 default-vlan-id=auto vlan-header=leave-as-is vlan-mode=disabled
set 12 default-vlan-id=0 vlan-header=leave-as-is vlan-mode=disabled
/interface l2tp-server server
set authentication=pap,chap,mschap1,mschap2 default-profile=\
default-encryption enabled=no keepalive-timeout=30 max-mru=1450 max-mtu=\
1450 mrru=disabled
/interface ovpn-server server
set auth=sha1,md5 certificate=none cipher=blowfish128,aes128 default-profile=\
default enabled=no keepalive-timeout=60 mac-address=FE:2C:92:ED:F8:BE \
max-mtu=1500 mode=ip netmask=24 port=1194 require-client-certificate=no
/interface pptp-server server
set authentication=mschap1,mschap2 default-profile=default-encryption \
enabled=no keepalive-timeout=30 max-mru=1450 max-mtu=1450 mrru=disabled
/interface sstp-server server
set authentication=pap,chap,mschap1,mschap2 certificate=none default-profile=\
default enabled=no force-aes=no keepalive-timeout=60 max-mru=1500 \
max-mtu=1500 mrru=disabled port=443 verify-client-certificate=no
/interface wireless access-list
add ap-tx-limit=0 authentication=yes client-tx-limit=0 comment=Tablet-Papa \
disabled=no forwarding=yes interface=all mac-address=60:21:C0:84:93:0C \
management-protection-key="" private-algo=none private-key="" \
private-pre-shared-key="" signal-range=-120..120 !time
/interface wireless align
set active-mode=yes audio-max=-20 audio-min=-100 audio-monitor=\
00:00:00:00:00:00 filter-mac=00:00:00:00:00:00 frame-size=300 \
frames-per-second=25 receive-all=no ssid-all=no
/interface wireless sniffer
set channel-time=200ms file-limit=10 file-name="" memory-limit=10 \
multiple-channels=no only-headers=no receive-errors=no streaming-enabled=\
no streaming-max-rate=0 streaming-server=0.0.0.0
/interface wireless snooper
set channel-time=200ms multiple-channels=yes receive-errors=no
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=192.168.178.57/24 disabled=no interface=wlan1 network=\
192.168.178.0
/ip dhcp-client
add add-default-route=no dhcp-options=clientid,clientid,hostname disabled=no \
interface=ether1 use-peer-dns=no use-peer-ntp=no
/ip dhcp-server config
set store-leases-disk=5m
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=2048KiB \
max-udp-packet-size=4096 query-server-timeout=2s query-total-timeout=10s \
servers=8.8.8.8
/ip firewall connection tracking
set enabled=auto generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip neighbor discovery settings
set default=yes default-for-dynamic=no
/ip settings
set accept-redirects=no accept-source-route=no allow-fast-path=yes \
allow-hw-fast-path=no arp-timeout=30s icmp-rate-limit=10 icmp-rate-mask=\
0x1818 ip-forward=yes rp-filter=no secure-redirects=yes send-redirects=\
yes tcp-syncookies=no
/ip firewall service-port
set ftp disabled=yes ports=21
set tftp disabled=yes ports=69
set irc disabled=yes ports=6667
set h323 disabled=yes
set sip disabled=yes ports=5060,5061 sip-direct-media=yes
set pptp disabled=yes
/ip hotspot service-port
set ftp disabled=no ports=21
/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 \
cache-on-disk=no enabled=no max-cache-object-size=2048KiB max-cache-size=\
unlimited max-client-connections=600 max-fresh-time=3d \
max-server-connections=600 parent-proxy=:: parent-proxy-port=0 port=8080 \
serialize-connections=no src-address=::
/ip service
set telnet address="" disabled=yes port=23
set ftp address="" disabled=yes port=21
set www address="" disabled=yes port=80
set ssh address="" disabled=yes port=22
set www-ssl address="" certificate=none disabled=yes port=443
set api address="" disabled=yes port=8728
set winbox address="" disabled=no port=8291
set api-ssl address="" certificate=none disabled=yes port=8729
/ip smb
set allow-guests=yes comment=MikrotikSMB domain=MSHOME enabled=no interfaces=\
all
/ip smb shares
set [ find default=yes ] comment="default share" directory=/pub disabled=no \
max-sessions=10 name=pub
/ip smb users
set [ find default=yes ] disabled=no name=guest password="" read-only=yes
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=1080
/ip traffic-flow
set active-flow-timeout=30m cache-entries=32k enabled=no \
inactive-flow-timeout=15s interfaces=all
/ip upnp
set allow-disable-external-interface=yes enabled=no show-dummy-rule=yes
/lcd
set backlight-timeout=30m default-screen=main-menu enabled=yes \
read-only-mode=no time-interval=min touch-screen=enabled
/lcd pin
set hide-pin-number=no pin-number=1234
/lcd interface
set sfp1 disabled=no interface=sfp1 max-speed=auto timeout=10s
set ether1 disabled=no interface=ether1 max-speed=auto timeout=10s
set ether2 disabled=no interface=ether2 max-speed=auto timeout=10s
set ether3 disabled=no interface=ether3 max-speed=auto timeout=10s
set ether4 disabled=no interface=ether4 max-speed=auto timeout=10s
set ether5 disabled=no interface=ether5 max-speed=auto timeout=10s
set ether6 disabled=no interface=ether6 max-speed=auto timeout=10s
set ether7 disabled=no interface=ether7 max-speed=auto timeout=10s
set ether8 disabled=no interface=ether8 max-speed=auto timeout=10s
set ether9 disabled=no interface=ether9 max-speed=auto timeout=10s
set ether10 disabled=no interface=ether10 max-speed=auto timeout=10s
set wlan1 disabled=no interface=wlan1 max-speed=auto timeout=10s
/lcd interface pages
set 0 interfaces="sfp1,ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8\
,ether9,ether10,wlan1"
/lcd screen
set 0 disabled=no timeout=10s
set 1 disabled=no timeout=10s
set 2 disabled=no timeout=10s
set 3 disabled=no timeout=10s
set 4 disabled=no timeout=10s
set 5 disabled=no timeout=10s
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
set [ find default=yes ] disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \
lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \
use-explicit-null=no
/port firmware
set directory=firmware ignore-directip-modem=no
/ppp aaa
set accounting=yes interim-update=0s use-radius=no
/queue interface
set sfp1 queue=only-hardware-queue
set ether1 queue=only-hardware-queue
set ether2 queue=only-hardware-queue
set ether3 queue=only-hardware-queue
set ether4 queue=only-hardware-queue
set ether5 queue=only-hardware-queue
set ether6 queue=only-hardware-queue
set ether7 queue=only-hardware-queue
set ether8 queue=only-hardware-queue
set ether9 queue=only-hardware-queue
set ether10 queue=only-hardware-queue
set wlan1 queue=wireless-default
/radius incoming
set accept=no port=3799
/routing bfd interface
set [ find default=yes ] disabled=no interface=all interval=0.2s min-rx=0.2s \
multiplier=5
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
routing-table=main timeout-timer=3m update-timer=30s
/snmp
set contact="" enabled=no engine-id="" location="" trap-generators="" \
trap-target="" trap-version=1
/system clock
set time-zone-name=Europe/Berlin
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
"jan/01/1970 00:00:00" time-zone=+00:00
/system console
set [ find port=serial0 ] channel=0 disabled=no port=serial0 term=vt102
/system identity
set name=MikroTik-Wlan
/system logging
set 0 action=memory disabled=no prefix="" topics=info
set 1 action=memory disabled=no prefix="" topics=error
set 2 action=memory disabled=no prefix="" topics=warning
set 3 action=echo disabled=no prefix="" topics=critical
add action=memory disabled=yes prefix="" topics=ipsec
add action=remote disabled=yes prefix="" topics=!ups
/system note
set note="\
\nWelcome to MikroTik-Wlan \
\n\
\nUptime: 00:01:10\
\nCPU: 0%\
\nRAM: 17760/131072M\
\nVoltage: 24 V\
\nTemp: 35 C\
\n" show-at-login=yes
/system ntp client
set enabled=yes mode=unicast primary-ntp=38.229.71.1 secondary-ntp=\
129.70.132.32
/system resource irq
set 0 cpu=auto
set 1 cpu=auto
set 2 cpu=auto
set 3 cpu=auto
set 4 cpu=auto
set 5 cpu=auto
set 6 cpu=auto
/system routerboard settings
set baud-rate=115200 boot-delay=2s boot-device=nand-if-fail-then-ethernet \
boot-protocol=bootp cpu-frequency=600MHz enable-jumper-reset=yes \
enter-setup-on=any-key force-backup-booter=no silent-boot=no
/system routerboard usb
set usb-mode=automatic
/system scheduler
add disabled=yes interval=1m name=Message_of_the_day on-event=\
Message_of_the_day policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
start-time=startup
/system script
add name=Message_of_the_day policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff,sensitive,api \
source=":local logcontent \"\"\r\
\n\r\
\n# zeige die Identit\E4t des Routers\r\
\n:set logcontent \"\\nWelcome to \$[/system identity get name] \\n\\n\"\r\
\n\r\
\n# Uptime\r\
\n:set logcontent (\$logcontent . \"Uptime: \$[/system resource get uptime\
]\\n\")\r\
\n\r\
\n# CPU\r\
\n:set logcontent (\$logcontent . \"CPU: \$[/system resource get cpu-load]\
%\\n\")\r\
\n\r\
\n# RAM\r\
\n:set logcontent (\$logcontent . \"RAM: \$(([/system resource get total-m\
emory]-[/system resource get free-memory])/1024)/\$([/system resource get \
total-memory]/1024)M\\n\")\r\
\n\r\
\n# Voltage\r\
\n:set logcontent (\$logcontent . \"Voltage: \$[:pick [/system health get \
voltage] 0 2] V\\n\")\r\
\n\r\
\n# Temperature\r\
\n:set logcontent (\$logcontent . \"Temp: \$[ /system health get temperatu\
re] C\\n\")\r\
\n\r\
\n/system note set note=\"\$logcontent\""
/system upgrade mirror
set check-interval=1d enabled=no primary-server=0.0.0.0 secondary-server=\
0.0.0.0 user=""
/system watchdog
set auto-send-supout=no automatic-supout=yes no-ping-delay=5m watch-address=\
none watchdog-timer=yes
/tool bandwidth-server
set allocate-udp-ports-from=2000 authenticate=yes enabled=no max-sessions=100
/tool e-mail
set address=0.0.0.0 from=<> password="" port=25 start-tls=no user=""
/tool graphing
set page-refresh=300 store-every=5min
/tool mac-server
set [ find default=yes ] disabled=no interface=all
/tool mac-server mac-winbox
set [ find default=yes ] disabled=no interface=all
/tool mac-server ping
set enabled=yes
/tool sms
set allowed-number="" channel=0 keep-max-sms=0 receive-enabled=no secret="" \
sim-pin=""
/tool sniffer
set file-limit=1000KiB file-name="" filter-direction=any filter-interface="" \
filter-ip-address="" filter-ip-protocol="" filter-mac-address="" \
filter-mac-protocol="" filter-operator-between-entries=or filter-port="" \
filter-stream=no memory-limit=100KiB memory-scroll=yes only-headers=no \
streaming-enabled=no streaming-server=0.0.0.0
/tool traffic-generator
set latency-distribution-max=100us stats-samples-to-keep=100 test-id=0
/user aaa
set accounting=yes default-group=read exclude-groups="" interim-update=0s \
use-radius=no
Schonmal Danke. Passwörter sind geändert!
Gruß,
UltimatumNeoLink

Edit: Wie man oben in den Einstellungen sieht, habe ich z.B. den Ports Ether1-5 den Master-Port 2 gegeben und dann den Pysikalischen Switch Ether2 zur brigde1hinzugefügt. Jetzt kam ich auch die komische Idee die "logischen" Switche Ether2 als Master von der Bridge zu entvernen und einzeln der brigde1 hinzuzufügen. Was sagt ihr dazu? Erst schien es zu funktionieren, der DHCP Client hat acuh seine Ip bekommen, der Time-Server wollte aber trotzdem net... Und die Routes sind auch gleich geblieben...
Edit2: Nach einem Reboot stellte sich die Sache mit dem DHCP-Client (Edit1) jeddoch als Misserfolg dar. Ich habe jetzt wd die Configuration von vorher drin. (Also die oben gepostete.)
 
Zuletzt bearbeitet:
Also ich sehe da erstmal keine Fehler. Stimmt grossteils mit der Default-Bridge-Konfiguration überein, die ich verwende, ausser dass ich immer explizit eine Admin-Mac vergebe. Allerdings hast du 'wds-default-bridge=none' für dein wlan1 gesetzt. Wenn es das Interface ist, das sich via DHCP von der Fritzbox eine IP holen soll, dann solltest du dafür die Default-Bridge auf deine bridge1 setzen.

Edit: Und ich sehe einen DHCP-Client nur auf ether1.
 
Huhu bitmuncher,
schomal vielen Dank, dass du dir überhaupt die Arbeit gemacht hast, die Config durchzulesen :D Finde ich Super!
Ich glaube aber, wir haben uns da missverstanden: Ether1 ist mit der Fb verbunde, das heiß da hängt auch der DHCP von der Fb dran. Mein Problem ist also, dass sich der DHCP Client keine Ip besorgen will...
Der Rest funktioniert ja (abgesehn von dem Time-Server, der vom DHCP abhängt, was mein eig. Ziel bei der ganzen Sache ist.) Hast du dann vlt. eine Idee, was ich falschmache?

Achja: Was bringt mir eine Admin-MAC ?

Gruß,
UltimatumNeoLink
 
Ok. Aber auch bei der DHCP-Client-Konfiguration sehe ich erstmal keinen Fehler. Ich kann mir höchstens vorstellen, dass die dhcp-options Probleme bereiten könnten. Diese sollten normalerweise auf 'hostname,clientid' gesetzt sein. Geben denn ggf. die System-Logs irgendwelche Meldungen, wenn du mal den Lease erneuerst?
 
Huhu,
habe mal den DHCP Client auf Hostename, Clientid gesetzt, hat nix gebracht, oder geändert...
Um den Lease zu erneuern, müsste ich auf heute Abend warten, da mein Vater im Moment der Fb Verwalter ist.
Gruß,
UltimatumNeoLink

Edit: Vlt. hilft dir das: Ich kann vom der Brigde aus keinen Ping Befehl an, z.B. www.gogle.de ausführen, bzw. können schon, macht aber nix(ja ich verwende die Ip nicht den Hostnamen!). Das ist mein eigentliches Problem, wenn das gelöst wäre, würde der SNTP Client ja funktionieren, oder?
 
Zuletzt bearbeitet:
Sofern möglich, schaut euch bei der Lease-Erneuerung mal die Logs sowohl von der FB als auch vom ROS an. Interessant ist vor allem, ob die DHCP-Anfrage bei der FB ankommt, ob die Antwort vom ROS empfangen wird und wenn ja, wie dieses darauf reagiert. Ggf. mal beim ROS unter System -> Logging (/system logging) alle Logs auf "echo" stellen und während der DHCP-Experimente via SSH auf einem Port mit statischer IP eingeloggt bleiben.
 
Die Lösung des Problems...

Huhu,
wie so oft lag es das Problem mal wider vor der Tastatur (ca. 50cm vom Bildschirm entfernt ;) ).
Ich hatte den DHCP Server auf das Interface Ethe1 gesetzt, als ich gerade dabei war den Lease der Fb zu erneuern, habe ich den DHCP-Client nochmal neu eirichten müssen, da ich aus versehen auf das - gekommen bin - zu meinem Glück! Diesmal wählte ich fröhlich das Interface Brigde1 und... es klappte! Un das tut es immernoch!
Somit ist das Thema gelöst, nochmal großen Dank an dich Bitmuncher, für deine Mühe, die du dir gegeben hast ;)
Mit (super) freundliche Grüßen,
UltimatumNeoLink
 
Um antworten zu können musst du eingeloggt sein.
Zurück
Oben