del perchè la pppoe che creo inspiegabilmente si disconnette applicando man mano i vari passaggi.
In pratica quando applico la parte bridge, la connessione cade e nemmeno ricreandola ritorna up.
Senza avviare la parte di ether2 (backup) funziona regolarmente.
- Codice: Seleziona tutto
/interface bridge
add name=bridge-LAN
add name=bridge-WAN
/interface pppoe-client
add add-default-route=yes disabled=no interface=ether1 name=pppoe-out1 \
password=123456 use-peer-dns=yes user=pippo
/interface list
add name=LAN
add name=WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge-WAN interface=ether1
add bridge=bridge-WAN interface=ether2
add bridge=bridge-LAN interface=ether3
/interface list member
add interface=bridge-LAN list=LAN
add interface=pppoe-out1 list=WAN
add interface=bridge-WAN list=WAN
/ip address
add address=123.123.123.123/24 interface=bridge-WAN network=123.123.123.0
add address=192.168.1.254/24 interface=bridge-WAN network=192.168.1.0
add address=192.168.2.254/24 interface=bridge-LAN network=192.168.2.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=ether1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8,8.8.4.4
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat out-interface=bridge-WAN
/ip route
add comment=DF1 distance=1 gateway=pppoe-out1
add comment=DF2 distance=2 gateway=192.168.1.1
add distance=1 dst-address=1.0.0.1/32 gateway=pppoe-out1
add distance=2 dst-address=1.1.1.1/32 gateway=192.168.1.1
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/ip ssh
set forwarding-enabled=remote
/system clock
set time-zone-name=Europe/Rome
/system identity
set name="MikroTik"
/tool netwatch
add down-script="ip route set [find comment=DF1] distance=10" host=1.0.0.1 \
timeout=5s up-script="ip route set [find comment=DF1] distance=1"
add down-script="ip route set [find comment=DF2] distance=20" host=1.1.1.1 \
timeout=5s up-script="ip route set [find comment=DF2] distance=2"