@mrbaskus

Отваливается соединение с Mikrotik? Что не так с ним?

Доброго дня. Есть роутер Mikrotik HeX PoE и точка доступа cAP ac. Стал выкачивать бэкап из облака на NAS (который подключен по кабелю к HeX) и сеть прилегла.
При этом если запустить банальный пинг по Wi-Fi до cAP (на скриншоте слева) и по кабелю к HeX (на скриншоте справа), то можно наблюдать следующее (см. скриншот).
5ec549281cfb0409600213.png
CPU ~15-20% HeX и ~0-1% cAP.
Что не так? Почему сеть ложится, когда канал интернета утилизируется на 100% ?

Конфиг HeX
# may/20/2020 22:57:59 by RouterOS 6.46.6
# software id = 9FXI-PZ1V
#
# model = 960PGS
# serial number = 89F908C1D4F6
/interface bridge
add admin-mac=64:D1:54:69:3C:45 auto-mac=no comment=Bridge fast-forward=no name=bridge
/interface ethernet
set [ find default-name=ether1 ] comment=GW name=eth0
set [ find default-name=ether2 ] name=eth1
set [ find default-name=ether3 ] comment=AP name=eth2
set [ find default-name=ether4 ] comment=NAS name=eth3
set [ find default-name=ether5 ] name=eth4
/interface pppoe-client
add add-default-route=yes comment=Internet disabled=no interface=eth0 keepalive-timeout=disabled name=pppoe password=ptn use-peer-dns=yes user=ptn
/interface list
add exclude=dynamic name=discover
add name=mactel
add name=mac-winbox
add name=WAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/ip pool
add name=dhcp ranges=10.25.10.10-10.25.10.254
/ip dhcp-server
add address-pool=dhcp authoritative=after-2sec-delay disabled=no interface=bridge lease-time=3d name=dhcp
/snmp community
set [ find default=yes ] addresses=0.0.0.0/0
/interface bridge port
add bridge=bridge comment=defconf interface=eth1
add bridge=bridge interface=eth2
add bridge=bridge interface=eth3
add bridge=bridge interface=eth4
/ip neighbor discovery-settings
set discover-interface-list=discover
/interface detect-internet
set detect-interface-list=all internet-interface-list=all lan-interface-list=all wan-interface-list=all
/interface list member
add interface=eth1 list=discover
add interface=eth2 list=discover
add interface=eth3 list=discover
add interface=eth4 list=discover
add interface=bridge list=discover
add interface=bridge list=mactel
add interface=bridge list=mac-winbox
add interface=pppoe list=WAN
add interface=sfp1 list=discover
/ip accounting
set account-local-traffic=yes enabled=yes
/ip address
add address=10.25.10.1/24 comment=LAN interface=eth1 network=10.25.10.0
/ip arp
add address=10.25.10.25 interface=bridge mac-address=7C:49:EB:28:40:4C
add address=10.25.10.20 interface=bridge mac-address=74:4D:28:11:D2:EB
/ip dhcp-client
add comment=defconf interface=eth0
/ip dhcp-server lease
add address=10.25.10.20 client-id=1:74:4d:28:11:d2:eb mac-address=74:4D:28:11:D2:EB server=dhcp
/ip dhcp-server network
add address=10.25.10.0/24 dns-server=10.25.10.1,192.168.100.1,212.48.197.77,78.37.77.77 gateway=10.25.10.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip dns static
add address=10.25.10.1 name=router
/ip firewall filter
add action=accept chain=input comment="defconf: accept ICMP" disabled=yes protocol=icmp
add action=accept chain=input comment="defconf: accept established,related" connection-state=established,related
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" connection-state=established,related
add action=accept chain=forward comment="defconf: accept established,related" connection-state=established,related
add action=drop chain=forward comment="defconf: drop invalid" connection-state=invalid
add action=drop chain=input in-interface=pppoe
/ip firewall nat
add action=masquerade chain=srcnat dst-port="" out-interface=pppoe
/ip service
set telnet disabled=yes
set ftp disabled=yes
set api disabled=yes
set api-ssl disabled=yes
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name=gw


Конфиг cAP ac
# may/20/2020 23:05:30 by RouterOS 6.46.1
# software id = 1MHC-QMH3
#
# model = RouterBOARD cAP Gi-5acD2nD
# serial number = ADCB0A62820F
/interface bridge
add admin-mac=74:4D:28:11:D2:EB auto-mac=no comment=LAN igmp-snooping=yes mtu=1500 name=bridge protocol-mode=none
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=ether2 ] speed=100Mbps
/interface list
add name=WAN
add name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
add authentication-types=wpa2-psk mode=dynamic-keys name=Net1 radius-eap-accounting=yes radius-mac-accounting=yes supplicant-identity="MikroTik cAP" wpa2-pre-shared-key=key
add authentication-types=wpa2-psk management-protection=allowed mode=dynamic-keys name=Net2 radius-eap-accounting=yes radius-mac-accounting=yes supplicant-identity="MikroTik cAP" wpa2-pre-shared-key=key
/interface wireless
set [ find default-name=wlan1 ] antenna-gain=0 band=2ghz-b/g/n channel-width=20/40mhz-Ce country=russia2 disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge security-profile=Net1 ssid=Net1 tx-power=21 \
    tx-power-mode=all-rates-fixed wireless-protocol=802.11
set [ find default-name=wlan2 ] antenna-gain=0 band=5ghz-a/n/ac channel-width=20/40/80mhz-Ceee comment=Net2 country=russia2 disabled=no distance=indoors frequency=auto installation=indoor mode=ap-bridge security-profile=Net2 ssid=\
    Net2 wireless-protocol=802.11
/interface wireless manual-tx-power-table
set wlan1 comment=Net1
set wlan2 comment=Net2
/interface wireless nstreme
set wlan1 comment=Net1
set wlan2 comment=Net2
/ip hotspot profile
set [ find default=yes ] html-directory=flash/hotspot
/interface bridge port
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment=defconf interface=wlan1
add bridge=bridge comment=defconf interface=wlan2
add bridge=bridge comment=defconf interface=ether2
/interface list member
add interface=ether1 list=WAN
add interface=ether2 list=LAN
add interface=wlan2 list=LAN
add interface=wlan1 list=LAN
/interface wireless connect-list
add interface=wlan1 security-profile=Net1 ssid=Net1 wireless-protocol=802.11
add interface=wlan2 security-profile=Net2 ssid=Net2
/ip dhcp-client
add disabled=no interface=bridge
/ip dns
set allow-remote-requests=yes
/ip traffic-flow
set enabled=yes interfaces=bridge
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name=wifi
/system routerboard mode-button
set enabled=yes on-event=dark-mode
/system script
add comment=defconf dont-require-permissions=no name=dark-mode owner=*sys policy=ftp,reboot,read,write,policy,test,password,sniff,sensitive,romon source=\
    "\r\
    \n   :if ([system leds settings get all-leds-off] = \"never\") do={\r\
    \n     /system leds settings set all-leds-off=immediate \r\
    \n   } else={\r\
    \n     /system leds settings set all-leds-off=never \r\
    \n   }\r\
    \n "
  • Вопрос задан
  • 244 просмотра
Пригласить эксперта
Ответы на вопрос 1
@dronmaxman
VoIP Administrator
Одни и те же грабли. Если собрали интерфейсы в Бридж, то IP должен быть на бридже, не на одном из интерфейсов Бриджа
add address=10.25.10.1/24 comment=LAN interface=eth1 network=10.25.10.0

Включиле фаст форвард на бридже
add admin-mac=64:D1:54:69:3C:45 auto-mac=no comment=Bridge fast-forward=no name=bridge
Ответ написан
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Войти через центр авторизации
Похожие вопросы