Client Bridge Modes with RouterOS
Q: We recently purchased some of the 6 pack Mikrotik radio gear, including the Ominitik 5hnd and Sxt’s, as we need to replace an existing wireless bridge on a remote site in QLD. Being fairly new to this equipment, I have had a look and started to attempt to program this up, but need some pointers if you have the time…
I have 2 Omnitiks and 4 SXT’s available, and need to create a bridge on the 10.6.21.X network. This bridge will allow an IP video encoder and IP decoder to be linked together wirelessly, and the addresses are as below in the diagram. This site will be getting additional radio gear in the future on the same network (mesh network would be best in this case?)
I figured that I should be using one end as Ap-bridged and one end as client-bridged?
Bridge is not supported with standard station mode. The reason is rather technical, but related to the protocol at the layer1 level which only has space for three MAC addresses in the header (address of station, address of AP, and address of node behind bridge on AP end)
To implement a transparent bridge between the AP Ethernet and station Ethernet, you have three basic options in order of increasing stability:
- Use pseudobridge or psudobridge clone mode on the station
- Use MikroTik proprietary station-bridge mode on the client
- Do not bridge wlan on either AP or station end, and instead create an Ethernet-over-ip tunnel between station and AP, then bridge the tunnel interfaces to the LAN on each end.
Option 1 is little more than a cheap hack – it is highly problematic especially when there are multiple hosts attached to the client LAN interface
Option 2 is mikrotik proprietary, and implements a special bridge forwading table on the AP that learns addresses of hosts behind the cpe bridge
Option 3 is the best option – it implements a truly transparent bridge between the two LAN segments.
One last point – watch out for the fail-over implementation. STP is not designed for fail-over, only for loop detection. It is possible that the fail-over will not automatically kick in on loss of one of the links. Use of redundant routing is a better option – if bridge is a requirement, you can span the duplicated paths using eoip tunnel, and then bridge the tunnels at each end. This way the eoip tunnel can traverse a routed network with failover, and will switch between wireless/wired accurately and responsively, yet bridge traffic will pass over the tunnel completely irrespective of the underlying path/s.
Hope that helps!
As always, further questions, feedback, comments, criticisms are very welcome!