1

I have a Mikrotik router with 5 ports. By default ether2-master is a master port for the ports 3-5. If I try to change it - I'm disconnected from the router, so I have to reset it to get the connection back.

So far I've tried:

  1. to remove everywhere a master port setting;
  2. to set ether4 as a master port;

..no luck. In the first case ether2 is the only working port, in the second - when I set a master port for ether2 - I have to reset the router again to get the connection back.

Please help - how do I change/remove the master port? ether2 seems somehow special. I want ether1 to be for WAN, and ports 4-5 for my local usage, ports 2-3 will be disabled.

alexoy
  • 13
  • 1
  • 1
  • 3

2 Answers2

1

In RouterOS there're two ways of enabling switching (ethernet frames forwarding): 1. in software (slower, by adding interfaces to bridge), 2. in hardware (the fastest, default method, by choosing the master port).

You probably connecting to your router by IP (3rd layer/OSI), there's special tool called winbox which allow you connect to your router using its MAC address (2nd layer - IP address on any interface is not required).

If local "LAN" IP address is located on bridge interface and you remove ether2-master port from the bridge, then you basically remove all ports from the bridge, therefore you lose IP (layer 3/OSI) connectivity.

Be sure to take a look at your firewall rules too when you try to connect to your Mikrotik via 1st port.

Michal Sokolowski
  • 1,471
  • 1
  • 11
  • 24
  • yes, I use SSH to configure the router, from ports 2-5, that's easier for me. I understand that ether2 is a master by default, so disabling it closes all the connections. My question is how do I change it? For example, I want ether4 is a master - it doesn't work for me. Or no masters at all - all 2-5 ports are the same - is that possible? – alexoy Nov 07 '17 at 11:29
  • Simply: remove master port property (while established connection via 2nd port) from ether4 (hardware forwarding) and then add it manually to the bridge to not loose the connectivity (software forwarding). Then connect the cable to 4th port and reconfigure 2nd port or all of them. I highly recommend winbox if you're fresh with router OS, it'll allow you to see more in the first place to understand what you're doing. – Michal Sokolowski Nov 07 '17 at 11:34
1

There is a safe mode in Winbox although I never use it and I'm not sure exactly how it functions.

Personally I always set up a management port first, remove every firewall rule and make sure I can get in on my management port. (In your case you could probably just put a temporary IP on port 1).

Once you're in on a port you don't need to mess with, set the master port on 2/3/4/5 to none (so they're all masters effectively), then set 5 to a slave of 4 so you get hardware switching** between those ports (if that's what you want). You can then assign your correct IP to port 4 and hopefully get back into the device on port 4/5 to finish configuration.

**Apparently in the latest version (still RC status) they are removing the master port options and everything should be done with bridges. The OS is supposed to automatically enable hardware offload for switching where available without having to manually set master/slave ports.

USD Matt
  • 5,381
  • 15
  • 23
  • Matt, may I ask for source for **? – Michal Sokolowski Nov 07 '17 at 11:47
  • 1
    I actually came across it on mikrotik.reddit.com yesterday. It's in the changelog for the latest RC (6.41rc50) on mikrotik.com and I've just tested it on my own RB2011. I've always kind of liked the master/slave options but it did take some getting used to when I first used RouterOS. The HW offload feature actually seems quite slick although it means I now will need to have bridge interfaces on devices where I previously got away with just master/slave config. – USD Matt Nov 07 '17 at 11:51
  • 1
    My RB2011 is showing `H` for "Hw Offload" next to all ports in the bridge window. I assume/hope it works just as well as the old config but I don't have any way to actually test throughput/cpu load at the moment. (Just to add - the master/slave options are actually gone completely) – USD Matt Nov 07 '17 at 11:53