A
A
Alexey Deev2016-09-11 20:53:58
Mikrotik
Alexey Deev, 2016-09-11 20:53:58

How to set up two subnets on the same physical port in mikrotik?

Hello everyone. There is mikrotik rb951Ui-2HnD. On ether1 - the Internet, on the rest of the locale in the bridge with wlan.
Network 192.168.1.0.24. I tried to create a vlan on ether2 and give it a subnet of 192.168.2.0/24, but nothing happens. The computer continues to receive an ip address from the main DHCP server from the 1.0/24 network. Manually ip manually drove in ip the same. Maybe of course this is not done through vlan.
On different ports, different subnets work fine, I want to do it on one physical one.
Tell me good people what can be done? Thanks in advance.

Answer the question

In order to leave comments, you need to log in

3 answer(s)
@
@, 2016-09-11
_

And on a computer in properties of a network card you registered that vlan? Mikrotik, when adding /interface vlan on the port, drives traffic both without tags and with tags, respectively, if the tag is specified on the machine, the subnet will be one, if it is not specified, it will be another.
The option to add several networks to one interface in ip address is not suitable?

A
Alexey Deev, 2016-09-11
@PobuH

# DHCP server can't run on slave interface!
Apparently this is why it doesn't work. I just don't understand why... The second dhcp is highlighted in red (
here is my config:
/interface bridge
add admin-mac=E4:8D:8C:A1:88:ED auto-mac=no comment=defconf name=bridge
/interface ethernet
set [ find default-name=ether2 ] name=ether2-master
set [ find default-name=ether3 ] master-port=ether2-master
set [ find default-name=ether4 ] master-port=ether2-master
set [ find default-name=ether5 ] master-port =ether2-master
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-onlyn channel-width=20/40mhz-Ce \
country=russia2 disabled=no distance=indoors frequency=2427 mode=ap-bridge \
ssid=Alex1 wireless-protocol=802.11
/ip neighbor discovery
set ether1 discover=no
set bridge comment=defconf
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk group-ciphers=\
tkip,aes-ccm mode=dynamic-keys unicast-ciphers=tkip,aes-ccm \
wpa-pre-shared-key=CorteC2010 wpa2-pre-shared-key=CorteC2010
/ip pool
add name=dhcp ranges=192.168.1.10-192.168.1.254
add name=pool2 ranges=192.168.2.10-192.168.2.100
/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge name=defconf
# DHCP server can not run on slave interface!
add address-pool=pool2 disabled=no interface=ether2-master name=server1
/interface bridge port
add bridge=bridge comment=defconf interface=ether2-master
add bridge=bridge comment=defconf interface=wlan1
/ip address
add address=192.168.1.1/24 comment=defconf interface=ether2-master network=\
192.168.1.0
add address=192.168.2.1/24 interface=ether2-master network=192.168.2.0
/ip dhcp-client
add comment=defconf dhcp-options=hostname,clientid disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.1.0/24 comment=defconf gateway=192.168.1.1 netmask=24
add address=192.168.2.0/24 gateway=192.168.2.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=192.168.1.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=input comment="defconf: drop all from WAN" in-interface=\
ether1
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" \
connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=\
invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface=ether1
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" out-interface=\
ether1
/system clock
set time-zone-name=Asia/Krasnoyarsk
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=bridge
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=bridge

K
Kirill Vasiliev, 2016-09-12
@vasilevkirill

hello,
add another subnet to the same interface in your case bridge and don't mess around with two dhcp servers per broadcast domain.
if you need to separate networks then use vlan if the host supports tag then good, if not then use access port

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question