Помогите настроить аплинк между устройствами mikrotik.

[Ilich]

Господа, заранее прошу прощения, за возможно тупой и избитый вопрос, но он поставил меня в тупик.
Сразу предупрежу, я не супер пупер гений сетевой, я так себе самоучка, попытавшийся сначала разобраться с домашним микротиком, и разобравшись, осмелел и решил применить свой микроопыт на работе, заменив кучу каскадно подключенных длинков восьмипортовых. Ладно, лирику долой, рассказываю все по порядку.

Топология сети:
1. На входе стоит Zyxell с USB роутером Yota. DHCP сервер и WiFi на нем отключены.
2. Далее стоит RouterBOARD 1100AHx2. На нем работает DHCP сервер. Первый его порт зарезервирован для местного проводного провайдера, ко второму порту подключен Zyxell с Yota, остальные порты обьеденены в бридж и используются для подключения других свичей, нас сервера и служебных pc, выполняющих роль сервачков.

 Компакт конфиг 1100

# feb/24/2014 10:18:59 by RouterOS 6.10
# software id = TSBS-UPNR
#
/interface bridge
add l2mtu=1598 name=bridge-local
/interface ethernet
set [ find default-name=ether1 ] comment="Reserved to WAN " name=ether01-wan
set [ find default-name=ether2 ] comment="Basic to WAN" name=ether02-lte
set [ find default-name=ether3 ] comment="Link to MikroTik Switch1 CRS125" \
name=ether03-switch1
set [ find default-name=ether4 ] comment="Link to MikroTik Switch2 CRS125" \
name=ether04-swtch2
set [ find default-name=ether5 ] comment="link to Mikrotik Switch 3 RB915" \
name=ether05-switch3
set [ find default-name=ether6 ] name=ether06-local
set [ find default-name=ether7 ] name=ether07-local
set [ find default-name=ether8 ] name=ether08-local
set [ find default-name=ether9 ] name=ether09-local
set [ find default-name=ether10 ] comment="Link to Ilich" name=ether10-Ilich
set [ find default-name=ether11 ] comment="Link to Foxconn Kovrov" name=\
ether11-Foxconn_Kovrov
set [ find default-name=ether12 ] comment="Link to SynchroBox" name=\
ether12-SynchroBox
set [ find default-name=ether13 ] comment="Link to KVR Synology" name=\
ether13-KVR_Synology
/ip neighbor discovery
set ether01-wan comment="Reserved to WAN "
set ether02-lte comment="Basic WAN"
set ether03-switch1 comment="Link to MikroTik Switch1 CRS125"
set ether04-swtch2 comment="Link to MikroTik Switch2 CRS125"
set ether05-switch3 comment="link to Mikrotik Switch 3 RB915"
set ether10-Ilich comment="Link to Ilich"
set ether11-Foxconn_Kovrov comment="Link to Foxconn Kovrov"
set ether12-SynchroBox comment="Link to SynchroBox"
set ether13-KVR_Synology comment="Link to KVR Synology"
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip dhcp-server
add disabled=no interface=bridge-local name=dhcp-local
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d
/ip pool
add name=dhcp-local ranges=192.168.2.200-192.168.2.254
/port
set 0 name=serial0
set 1 name=serial1
/interface bridge port
add bridge=bridge-local interface=ether03-switch1
add bridge=bridge-local interface=ether04-swtch2
add bridge=bridge-local interface=ether06-local
add bridge=bridge-local interface=ether07-local
add bridge=bridge-local interface=ether08-local
add bridge=bridge-local interface=ether09-local
add bridge=bridge-local interface=ether10-Ilich
add bridge=bridge-local interface=ether11-Foxconn_Kovrov
add bridge=bridge-local interface=ether12-SynchroBox
add bridge=bridge-local interface=ether13-KVR_Synology
add bridge=bridge-local interface=ether05-switch3
/ip address
add address=192.168.2.1/24 interface=bridge-local network=192.168.2.0
add address=192.168.254.254/24 interface=ether02-lte network=192.168.254.0
add address=10.10.12.12/27 interface=ether01-wan network=10.10.12.0
/ip dhcp-client
add dhcp-options=hostname,clientid interface=ether01-wan
/ip dhcp-server lease
# Секция удалена
/ip dhcp-server network
add address=192.168.2.0/24 dns-server=192.168.2.1 gateway=192.168.2.1 \
netmask=24
/ip dns
set allow-remote-requests=yes servers=193.58.251.251
/ip dns static
/ip firewall address-list
# Секция удалена
/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
add action=drop chain=input comment="default configuration" in-interface=\
ether01-wan
add action=drop chain=input comment="default configuration" in-interface=\
ether02-lte
add chain=forward comment="default configuration" connection-state=\
established
add chain=forward comment="default configuration" connection-state=related
add action=drop chain=forward comment="default configuration" \
connection-state=invalid
/ip firewall mangle
add action=mark-routing chain=output connection-mark=from-ISP1 \
new-routing-mark=to-ISP1
add action=mark-routing chain=output connection-mark=from-ISP2 \
new-routing-mark=to-ISP2
add action=mark-routing chain=output new-routing-mark=to-ISP1 src-address=\
10.10.12.12
add action=mark-routing chain=output new-routing-mark=to-ISP2 src-address=\
192.168.254.254
add action=mark-connection chain=prerouting connection-state=new \
in-interface=ether01-wan new-connection-mark=from-ISP2
add action=mark-connection chain=prerouting connection-state=new \
in-interface=ether02-lte new-connection-mark=from-ISP1
add action=mark-routing chain=prerouting connection-mark=from-ISP1 \
new-routing-mark=to-ISP1
add action=mark-routing chain=prerouting connection-mark=from-ISP2 \
new-routing-mark=to-ISP2
/ip firewall nat
add action=masquerade chain=srcnat comment="NAT for LAN" out-interface=\
ether01-wan src-address-list="Inet Allow"
add action=masquerade chain=srcnat comment="NAT for Yota" out-interface=\
ether02-lte src-address-list="Inet Allow"
add action=netmap chain=dstnat comment="FTP Server Synology for WAN" \
dst-port=20-21 in-interface=ether01-wan protocol=tcp to-addresses=\
192.168.2.2 to-ports=20-21
add action=netmap chain=dstnat comment="Synology Remote for WAN" dst-port=\
5000-5001 in-interface=ether01-wan protocol=tcp to-addresses=192.168.2.2 \
to-ports=5000-5001
add action=netmap chain=dstnat comment="Synology BackUP for WAN" dst-port=873 \
in-interface=ether01-wan protocol=tcp to-addresses=192.168.2.2 to-ports=\
873
add action=netmap chain=dstnat comment="Radmin Console for WAN" dst-port=\
23534 in-interface=ether01-wan protocol=tcp to-addresses=192.168.2.3 \
to-ports=23534
add action=netmap chain=dstnat comment="SpiceWorks for WAN" dst-port=80 \
in-interface=ether01-wan protocol=tcp to-addresses=192.168.2.3 to-ports=\
80
add action=netmap chain=dstnat comment="DrWeb for WAN" dst-port=9080 \
in-interface=ether01-wan protocol=tcp to-addresses=192.168.2.3 to-ports=\
9080
add action=netmap chain=dstnat comment="DrWeb Agent TCP for WAN" dst-port=\
2193 in-interface=ether01-wan protocol=tcp to-addresses=192.168.2.3 \
to-ports=2193
add action=netmap chain=dstnat comment="DrWeb Agent UDP for WAN" dst-port=\
2193 in-interface=ether01-wan protocol=udp to-addresses=192.168.2.3 \
to-ports=2193
add action=netmap chain=dstnat comment="Synology WebDaw for WAN" dst-port=\
5005-5006 in-interface=ether01-wan protocol=tcp to-addresses=192.168.2.2 \
to-ports=5005-5006
add action=netmap chain=dstnat comment="FTP Server Synology for LTE" \
dst-port=20-21 in-interface=ether02-lte protocol=tcp to-addresses=\
192.168.2.2 to-ports=20-21
add action=netmap chain=dstnat comment="Synology Remote for LTE" dst-port=\
5000-5001 in-interface=ether02-lte protocol=tcp to-addresses=192.168.2.2 \
to-ports=5000-5001
add action=netmap chain=dstnat comment="Synology BackUP for LTE" dst-port=873 \
in-interface=ether02-lte protocol=tcp to-addresses=192.168.2.2 to-ports=\
873
add action=netmap chain=dstnat comment="Radmin Console for LTE" dst-port=\
23534 in-interface=ether02-lte protocol=tcp to-addresses=192.168.2.3 \
to-ports=23534
add action=netmap chain=dstnat comment="SpiceWorks for LTE" dst-port=80 \
in-interface=ether02-lte protocol=tcp to-addresses=192.168.2.3 to-ports=\
80
add action=netmap chain=dstnat comment="DrWeb for LTE" dst-port=9080 \
in-interface=ether02-lte protocol=tcp to-addresses=192.168.2.3 to-ports=\
9080
add action=netmap chain=dstnat comment="DrWeb Agent TCP for LTE" dst-port=\
2193 in-interface=ether02-lte protocol=tcp to-addresses=192.168.2.3 \
to-ports=2193
add action=netmap chain=dstnat comment="DrWeb Agent UDP for LTE" dst-port=\
2193 in-interface=ether02-lte protocol=udp to-addresses=192.168.2.3 \
to-ports=2193
add action=netmap chain=dstnat comment="Synology WebDaw for LTE" dst-port=\
5005-5006 in-interface=ether02-lte protocol=tcp to-addresses=192.168.2.2 \
to-ports=5005-5006
add action=netmap chain=dstnat comment="DNS Allow only Int" dst-address=\
!192.168.2.1 dst-port=53 protocol=udp src-address=192.168.2.0/24 \
to-addresses=192.168.2.1 to-ports=53
/ip route
add distance=2 gateway=10.10.12.1 routing-mark=ISP2
add distance=2 dst-address=192.168.1.0/24 gateway=bridge-local routing-mark=\
ISP2
add distance=2 gateway=192.168.254.1 routing-mark=ISP1
add distance=2 dst-address=192.168.1.0/24 gateway=bridge-local routing-mark=\
ISP1
add comment=RsrvGW distance=1 gateway=192.168.254.1
add distance=2 gateway=10.10.12.1
add comment=MainGW distance=2 gateway=10.10.12.1
/ip upnp
set allow-disable-external-interface=no
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name="MikroTik Head RB1100"
/system ntp client
set enabled=yes primary-ntp=62.119.40.98 secondary-ntp=192.36.133.17
/system script
add name=check_isp policy=read,write,test source=""

3. Далее стоит Cloud Router Switch 125-24G-1S-2HnD-IN настроенный мостом, который своим первым портом соединен с третьим портом RouterBOARD 1100AHx2. Он раздает WiFi

 Компакт конфиг 125

# feb/24/2014 10:22:14 by RouterOS 6.10
# software id = UT2Y-VWZQ
#
/interface bridge
add admin-mac=D4:CA:6D:F9:73:65 auto-mac=no l2mtu=1588 name=bridge-local
/interface mesh
add comment="WiFi Mesh LAN to SMP Kovrov" hwmp-rann-propagation-delay=5 name=\
"SMP Kovrov"
/interface ethernet
set [ find default-name=ether1 ] comment="Link to MikroTik Head RB1100" name=\
ether01-to_head
set [ find default-name=ether2 ] comment="Link to Boyko" name=ether02-Boyko
set [ find default-name=ether3 ] comment="Link to Nikulina" master-port=\
ether02-Boyko name=ether03-Nikulina
set [ find default-name=ether4 ] comment="Link to Aphanasieva" master-port=\
ether02-Boyko name=ether04-Aphanasieva
set [ find default-name=ether5 ] comment="Link to Novichkova" master-port=\
ether02-Boyko name=ether05-Novichkova
set [ find default-name=ether6 ] comment="Link to Klochihina" master-port=\
ether02-Boyko name=ether06-Klochihina
set [ find default-name=ether7 ] comment="Link to Rybakova" master-port=\
ether02-Boyko name=ether07-Rybakova
set [ find default-name=ether8 ] comment="Link to Kutuzova" master-port=\
ether02-Boyko name=ether08-Kutuzova
set [ find default-name=ether9 ] comment="Link to Zenkov" master-port=\
ether02-Boyko name=ether09-Zenkov
set [ find default-name=ether10 ] comment="Link to Gerasimov" master-port=\
ether02-Boyko name=ether10-Gerasimov
set [ find default-name=ether11 ] comment="Link to Morozova" master-port=\
ether02-Boyko name=ether11-Morozova
set [ find default-name=ether12 ] comment="Link to Posazhennikov" \
master-port=ether02-Boyko name=ether12-Posazhennikov
set [ find default-name=ether13 ] comment="Link to Svetlyakova" master-port=\
ether02-Boyko name=ether13-Svetlyakova
set [ find default-name=ether14 ] comment="Link to Printer Sharp AR-5620N" \
master-port=ether02-Boyko name=ether14-Printer_Sharp_AR-5620N
set [ find default-name=ether15 ] comment="Link to Klimova" master-port=\
ether02-Boyko name=ether15-Klimova
set [ find default-name=ether16 ] comment="Link to Panasenko M." master-port=\
ether02-Boyko name=ether16-Panasenko.M
set [ find default-name=ether17 ] comment="Link to Prochorova" master-port=\
ether02-Boyko name=ether17-Prochorova
set [ find default-name=ether18 ] comment="Link to Panasenko T." master-port=\
ether02-Boyko name=ether18-Panasenko.T
set [ find default-name=ether19 ] master-port=ether02-Boyko name=\
ether19-slave-local
set [ find default-name=ether20 ] master-port=ether02-Boyko name=\
ether20-slave-local
set [ find default-name=ether21 ] master-port=ether02-Boyko name=\
ether21-slave-local
set [ find default-name=ether22 ] master-port=ether02-Boyko name=\
ether22-slave-local
set [ find default-name=ether23 ] master-port=ether02-Boyko name=\
ether23-slave-local
set [ find default-name=ether24 ] master-port=ether02-Boyko name=\
ether24-slave-local
set [ find default-name=sfp1 ] disabled=yes name=sfp1-gateway
/interface wireless
set [ find default-name=wlan1 ] band=2ghz-b/g/n channel-width=\
20/40mhz-ht-above country=russia disabled=no distance=indoors l2mtu=2290 \
mode=ap-bridge ssid="SMP Kovrov" wds-mode=static-mesh wireless-protocol=\
802.11
/ip neighbor discovery
set ether01-to_head comment="Link to MikroTik Head RB1100" discover=no
set ether02-Boyko comment="Link to Boyko"
set ether03-Nikulina comment="Link to Nikulina"
set ether04-Aphanasieva comment="Link to Aphanasieva"
set ether05-Novichkova comment="Link to Novichkova"
set ether06-Klochihina comment="Link to Klochihina"
set ether07-Rybakova comment="Link to Rybakova"
set ether08-Kutuzova comment="Link to Kutuzova"
set ether09-Zenkov comment="Link to Zenkov"
set ether10-Gerasimov comment="Link to Gerasimov"
set ether11-Morozova comment="Link to Morozova"
set ether12-Posazhennikov comment="Link to Posazhennikov"
set ether13-Svetlyakova comment="Link to Svetlyakova"
set ether14-Printer_Sharp_AR-5620N comment="Link to Printer Sharp AR-5620N"
set ether15-Klimova comment="Link to Klimova"
set ether16-Panasenko.M comment="Link to Panasenko M."
set ether17-Prochorova comment="Link to Prochorova"
set ether18-Panasenko.T comment="Link to Panasenko T."
set "SMP Kovrov" comment="WiFi Mesh LAN to SMP Kovrov"
/interface wireless wds
add comment="Mesh LAN to Switch1 CRS125" disabled=no l2mtu=2290 \
master-interface=wlan1 name="Mesh Switch2 CRS125" wds-address=\
D4:CA:6D:F9:EF:26
/ip neighbor discovery
set "Mesh Switch2 CRS125" comment="Mesh LAN to Switch1 CRS125"
/interface wireless security-profiles
set [ find default=yes ] authentication-types=wpa-psk,wpa2-psk mode=\
dynamic-keys supplicant-identity=MikroTik wpa-pre-shared-key=24791avd \
wpa2-pre-shared-key=24791avd
/ip hotspot user profile
set [ find default=yes ] idle-timeout=none keepalive-timeout=2m \
mac-cookie-timeout=3d
/ip ipsec proposal
set [ find default=yes ] enc-algorithms=3des
/ip pool
add name=default-dhcp ranges=192.168.88.10-192.168.88.254
/ip dhcp-server
add address-pool=default-dhcp interface=bridge-local name=default
/port
set 0 name=serial0
/interface bridge port
add bridge=bridge-local interface=ether02-Boyko
add bridge=bridge-local interface=wlan1
add bridge=bridge-local interface=ether01-to_head
add bridge=bridge-local interface=sfp1-gateway
/interface ethernet switch port
set 0 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 1 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 2 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 3 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 4 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 5 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 6 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 7 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 8 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 9 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prior\
ity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priorit\
y:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-based\
,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,(\
unknown)"
set 10 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 11 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 12 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 13 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 14 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 15 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 16 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 17 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 18 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 19 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 20 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 21 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 22 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 23 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 24 isolation-profile=1 per-queue-scheduling="strict-priority:0,strict-prio\
rity:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0" qos-scheme-precedence="dscp-base\
d,vlan-based,protocol-based,da-based,sa-based,pcp-based,ingress-acl-based,\
(unknown)"
set 25 per-queue-scheduling="strict-priority:0,strict-priority:0,strict-priori\
ty:0,strict-priority:0,strict-priority:0,strict-priority:0,strict-priority\
:0,strict-priority:0" qos-scheme-precedence="dscp-based,vlan-based,protoco\
l-based,da-based,sa-based,pcp-based,ingress-acl-based,(unknown)"
/interface mesh port
add comment="Mesh LAN to Switch2 CRS125" interface="Mesh Switch2 CRS125" \
mesh="SMP Kovrov"
/ip address
add address=192.168.2.10/24 comment="default configuration" interface=\
ether02-Boyko network=192.168.2.0
/ip dhcp-client
add comment="default configuration" dhcp-options=hostname,clientid interface=\
bridge-local
/ip dhcp-server network
add address=192.168.88.0/24 comment="default configuration" dns-server=\
192.168.88.1 gateway=192.168.88.1
/ip dns
set allow-remote-requests=yes servers=192.168.2.1
/ip dns static
add address=192.168.88.1 name=router
add address=54.230.96.212 name=upgrade.mikrotik.com
/ip firewall filter
add chain=forward comment="default configuration" connection-state=\
established disabled=yes
add chain=forward comment="default configuration" connection-state=related \
disabled=yes
add action=drop chain=forward comment="default configuration" \
connection-state=invalid disabled=yes
add chain=input disabled=yes protocol=icmp
add chain=input connection-state=established disabled=yes
add chain=input connection-state=related disabled=yes
add action=drop chain=input disabled=yes in-interface=ether01-to_head
/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" disabled=\
yes out-interface=ether01-to_head
add action=masquerade chain=srcnat comment="default configuration" disabled=\
yes out-interface=sfp1-gateway
/ip route
add distance=1 gateway=192.168.2.1
/ip upnp
set allow-disable-external-interface=no
/lcd interface
set wlan1 interface=wlan1
set ether01-to_head interface=ether01-to_head
set ether02-Boyko interface=ether02-Boyko
set ether03-Nikulina interface=ether03-Nikulina
set ether04-Aphanasieva interface=ether04-Aphanasieva
set ether05-Novichkova interface=ether05-Novichkova
set ether06-Klochihina interface=ether06-Klochihina
set ether07-Rybakova interface=ether07-Rybakova
set ether08-Kutuzova interface=ether08-Kutuzova
set ether09-Zenkov interface=ether09-Zenkov
set ether10-Gerasimov interface=ether10-Gerasimov
set ether11-Morozova interface=ether11-Morozova
set ether12-Posazhennikov interface=ether12-Posazhennikov
set ether13-Svetlyakova interface=ether13-Svetlyakova
set ether14-Printer_Sharp_AR-5620N interface=ether14-Printer_Sharp_AR-5620N
set ether15-Klimova interface=ether15-Klimova
set ether16-Panasenko.M interface=ether16-Panasenko.M
set ether17-Prochorova interface=ether17-Prochorova
set ether18-Panasenko.T interface=ether18-Panasenko.T
set ether19-slave-local interface=ether19-slave-local
set ether20-slave-local interface=ether20-slave-local
set ether21-slave-local interface=ether21-slave-local
set ether22-slave-local interface=ether22-slave-local
set ether23-slave-local interface=ether23-slave-local
set ether24-slave-local interface=ether24-slave-local
set sfp1-gateway interface=sfp1-gateway
/lcd interface pages
set 0 interfaces=wlan1
/system clock
set time-zone-name=Europe/Moscow
/system identity
set name="MikroTik Switch1 CRS125"
/system lcd
set contrast=0 enabled=no port=parallel type=24x4
/system lcd page
set time disabled=yes display-time=5s
set resources disabled=yes display-time=5s
set uptime disabled=yes display-time=5s
set packets disabled=yes display-time=5s
set bits disabled=yes display-time=5s
set version disabled=yes display-time=5s
set identity disabled=yes display-time=5s
set "Mesh Switch2 CRS125" disabled=yes display-time=5s
set bridge-local disabled=yes display-time=5s
set wlan1 disabled=yes display-time=5s
set ether01-to_head disabled=yes display-time=5s
set ether02-Boyko disabled=yes display-time=5s
set ether03-Nikulina disabled=yes display-time=5s
set ether04-Aphanasieva disabled=yes display-time=5s
set ether05-Novichkova disabled=yes display-time=5s
set ether06-Klochihina disabled=yes display-time=5s
set ether07-Rybakova disabled=yes display-time=5s
set ether08-Kutuzova disabled=yes display-time=5s
set ether09-Zenkov disabled=yes display-time=5s
set ether10-Gerasimov disabled=yes display-time=5s
set ether11-Morozova disabled=yes display-time=5s
set ether12-Posazhennikov disabled=yes display-time=5s
set ether13-Svetlyakova disabled=yes display-time=5s
set ether14-Printer_Sharp_AR-5620N disabled=yes display-time=5s
set ether15-Klimova disabled=yes display-time=5s
set ether16-Panasenko.M disabled=yes display-time=5s
set ether17-Prochorova disabled=yes display-time=5s
set ether18-Panasenko.T disabled=yes display-time=5s
set ether19-slave-local disabled=yes display-time=5s
set ether20-slave-local disabled=yes display-time=5s
set "SMP Kovrov" disabled=yes display-time=5s
set ether21-slave-local disabled=yes display-time=5s
set ether22-slave-local disabled=yes display-time=5s
set ether23-slave-local disabled=yes display-time=5s
set ether24-slave-local disabled=yes display-time=5s
set sfp1-gateway disabled=yes display-time=5s
/system ntp client
set enabled=yes primary-ntp=62.119.40.98 secondary-ntp=192.36.133.17
/tool mac-server
set [ find default=yes ] disabled=yes
add interface=ether02-Boyko
add interface=wlan1
add interface=sfp1-gateway
/tool mac-server mac-winbox
set [ find default=yes ] disabled=yes
add interface=ether02-Boyko
add interface=wlan1
add interface=sfp1-gateway

Теперь собственно вопрос. В сети есть простенький NAS Synology, который способен отдавать со скоростью в 50М. Если подключить этот нас к 1100, то клиенты подключенные к 125 с NAS'a скачивают со скоростью в 200К, стоит переподключить NAS к 125, и доунлоад с NAS'a сразу становится в пределах в 50М. Никаких шейпов на портах аплинка не установленo, аплинк сделан пачкордом, обжатым по типу B кабелем категории 5Е, при подключении этим пачкордом NAS'a к 125 снижения скорости не наблюдается, честные 50М. Что так режет скорость на аплинке между 1100 и 125? Что не настроено, недонастроено, криво настроено? Помогите пожалуйста разобраться...

Заранее спасибо.

[vqd]

Ну так на 1100 порты в свитч соберите, а потом мастер порты в бридж уже

Ну и вот это на листочке нарисуйте и в порядок приведите

Код: Выделить всё

/ip firewall mangle
add action=mark-routing chain=output connection-mark=from-ISP1 \
 new-routing-mark=to-ISP1
add action=mark-routing chain=output connection-mark=from-ISP2 \
 new-routing-mark=to-ISP2
add action=mark-routing chain=output new-routing-mark=to-ISP1 src-address=\
 10.10.12.12
add action=mark-routing chain=output new-routing-mark=to-ISP2 src-address=\
 192.168.254.254
add action=mark-connection chain=prerouting connection-state=new \
 in-interface=ether01-wan new-connection-mark=from-ISP2
add action=mark-connection chain=prerouting connection-state=new \
 in-interface=ether02-lte new-connection-mark=from-ISP1
add action=mark-routing chain=prerouting connection-mark=from-ISP1 \
 new-routing-mark=to-ISP1
add action=mark-routing chain=prerouting connection-mark=from-ISP2 \
 new-routing-mark=to-ISP2

[Ilich]

а как собрать на нем порты в свич?
я вижу в настройках два свича, 1 и 2, в них все порты добавлены, то есть вроде бы как они в свич собраны, или я что то не так понимаю?

помогите пожалуйста разобраться.

[vqd]

Разбираете бридж
затем в настройках порта выбираете мастер порт и так по всем

[Ilich]

то есть я полностью разбираю бридж, первый порт бриджа делаю мастером для всех остальных, а потом в бридж добавляю только один мастер порт, правильно я все понял? при этом адресацию внутреннюю я ставлю на бридж или на мастер порт?