Bonjour a tous,
Je me permet de venir humblement vous demander votre aide. En effet je viens de recevoir mon rb5009 et je rencontre un petit soucis, je suis chez Free et j'ai une Freebox revolution.
J'ai basculé ma Freebox en mode bridge afin d'éviter le double nat, et je rencontre un petit soucis avec les fluxs TV, j'ai des pixelisations sur la TV de facon assez recurante.
Si je debranche le cable Ethernet du player revolution et que je le branche en direct sur le freebox serveur, je tout fonctionne parfaitement. Les pixelisations ne se produisent que lorsque que je fais passer les flux au travers du Mikrotik.
Voici la configuration que j'utilise sur le Mikrotik (expurgée des informaitons sensibles):
# sep/11/2022 15:22:18 by RouterOS 7.5
# software id = NYZZ-0FRB
#
# model = RB5009UPr+S+
/interface bridge
add frame-types=admit-only-vlan-tagged ingress-filtering=no name=bridge-LAN \
vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] name=ether1-Wan
set [ find default-name=ether2 ] name=ether2-Freebox
set [ find default-name=ether3 ] name=ether3-Garage
set [ find default-name=ether4 ] name=ether4-PI
set [ find default-name=ether5 ] name=ether5-AP
set [ find default-name=ether6 ] name=ether6-Bureau
set [ find default-name=ether7 ] name=ether7-Cave
set [ find default-name=ether8 ] name=ether8-Salon
set [ find default-name=sfp-sfpplus1 ] name=sfp-emergency
/interface vlan
add interface=bridge-LAN name=DMZ vlan-id=30
add interface=bridge-LAN name=Internet vlan-id=40
add interface=bridge-LAN name=vlan1 vlan-id=10
add interface=bridge-LAN name=vlan2 vlan-id=2
/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=pool-lan ranges=192.168.1.100-192.168.1.200
add name=pool-IOT ranges=192.168.2.100-192.168.2.200
/ip dhcp-server
add add-arp=yes address-pool=pool-lan interface=vlan1 lease-time=8h name=Lan
add add-arp=yes address-pool=pool-IOT interface=vlan2 lease-time=6h name=IOT
/interface bridge port
add bridge=bridge-LAN comment=defconf interface=ether2-Freebox pvid=2
add bridge=bridge-LAN comment=defconf frame-types=\
admit-only-untagged-and-priority-tagged interface=ether5-AP pvid=10
add bridge=bridge-LAN comment=defconf frame-types=admit-only-vlan-tagged \
interface=ether6-Bureau
add bridge=bridge-LAN comment=defconf frame-types=admit-only-vlan-tagged \
interface=ether7-Cave
add bridge=bridge-LAN comment=defconf frame-types=admit-only-vlan-tagged \
interface=ether8-Salon
add bridge=bridge-LAN frame-types=admit-only-untagged-and-priority-tagged \
interface=ether4-PI pvid=10
add bridge=bridge-LAN interface=ether1-Wan pvid=40
add bridge=bridge-LAN frame-types=admit-only-vlan-tagged interface=\
ether3-Garage
/ip neighbor discovery-settings
set discover-interface-list=LAN
/interface bridge vlan
add bridge=bridge-LAN tagged=\
bridge-LAN,ether8-Salon,ether7-Cave,ether6-Bureau,ether3-Garage vlan-ids=\
10
add bridge=bridge-LAN tagged=\
bridge-LAN,ether6-Bureau,ether7-Cave,ether8-Salon,ether3-Garage vlan-ids=\
2
add bridge=bridge-LAN tagged=\
bridge-LAN,ether6-Bureau,ether7-Cave,ether8-Salon,ether3-Garage vlan-ids=\
30
add bridge=bridge-LAN tagged=ether1-Wan,ether2-Freebox vlan-ids=100
add bridge=bridge-LAN tagged=bridge-LAN vlan-ids=40
/interface list member
add comment=defconf interface=bridge-LAN list=LAN
add comment=defconf interface=Internet list=WAN
add interface=vlan1 list=LAN
add interface=vlan2 list=LAN
add interface=DMZ list=LAN
add interface=sfp-emergency list=LAN
/ip address
add address=192.168.1.1/24 interface=vlan1 network=192.168.1.0
add address=192.168.4.1/24 interface=sfp-emergency network=192.168.4.0
add address=192.168.2.1/24 interface=vlan2 network=192.168.2.0
add address=192.168.3.1/24 interface=DMZ network=192.168.3.0
/ip dhcp-client
add comment=defconf interface=Internet
/ip dhcp-server network
add address=192.168.1.0/24 dns-server=192.168.1.28 gateway=\
192.168.1.1 netmask=24
add address=192.168.2.0/24 dns-server=212.27.40.240,212.27.40.241 gateway=\
192.168.2.1 netmask=24
/ip dns
set allow-remote-requests=yes
/ip firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input in-interface-list=LAN protocol=icmp
add action=drop chain=input comment="defconf: accept ICMP" protocol=icmp
add action=accept chain=input comment=\
"defconf: accept to local loopback (for CAPsMAN)" dst-address=127.0.0.1
add action=drop chain=input comment="defconf: drop all not coming from LAN" \
in-interface-list=!LAN
add action=accept chain=forward comment="defconf: accept in ipsec policy" \
ipsec-policy=in,ipsec
add action=accept chain=forward comment="defconf: accept out ipsec policy" \
ipsec-policy=out,ipsec
add action=fasttrack-connection chain=forward comment="defconf: fasttrack" \
connection-state=established,related hw-offload=yes
add action=accept chain=forward comment=\
"defconf: accept established,related, untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward dst-address=192.168.0.0/16 src-address=\
192.168.0.0/16
add action=drop chain=forward comment=\
"defconf: drop all from WAN not DSTNATed" connection-nat-state=!dstnat \
connection-state=new in-interface-list=WAN
/ip firewall nat
add action=masquerade chain=srcnat comment="defconf: masquerade" \
ipsec-policy=out,none out-interface-list=WAN
/ipv6 route
add disabled=no dst-address=::/0 gateway=fe80::f6ca:e5ff:fe57:f820%Internet \
routing-table=main
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=192.168.1.0/24
set ssh address=192.168.1.0/24
set api disabled=yes
set winbox address=192.168.1.0/24,192.168.4.0/24
set api-ssl disabled=yes
/ip ssh
set forwarding-enabled=local
/ipv6 address
add address=2a01::1::1 interface=vlan1
add address=2a01::2::1 interface=vlan2
add address=2a01::3::1 interface=DMZ
/ipv6 dhcp-server
add address-pool="" dhcp-option=dnssrv interface=vlan1 lease-time=8h name=\
Ipv6Vlan1
/ipv6 firewall address-list
add address=::/128 comment="defconf: unspecified address" list=bad_ipv6
add address=::1/128 comment="defconf: lo" list=bad_ipv6
add address=fec0::/10 comment="defconf: site-local" list=bad_ipv6
add address=::ffff:0.0.0.0/96 comment="defconf: ipv4-mapped" list=bad_ipv6
add address=::/96 comment="defconf: ipv4 compat" list=bad_ipv6
add address=100::/64 comment="defconf: discard only " list=bad_ipv6
add address=2001:db8::/32 comment="defconf: documentation" list=bad_ipv6
add address=2001:10::/28 comment="defconf: ORCHID" list=bad_ipv6
add address=3ffe::/16 comment="defconf: 6bone" list=bad_ipv6
/ipv6 firewall filter
add action=accept chain=input comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=input comment="defconf: drop invalid" connection-state=\
invalid
add action=accept chain=input comment="defconf: accept ICMPv6" protocol=\
icmpv6
add action=accept chain=input comment="defconf: accept UDP traceroute" port=\
33434-33534 protocol=udp
add action=accept chain=input comment=\
"defconf: accept DHCPv6-Client prefix delegation." dst-port=546 protocol=\
udp src-address=fe80::/10
add action=accept chain=input comment="defconf: accept IKE" dst-port=500,4500 \
protocol=udp
add action=accept chain=input comment="defconf: accept ipsec AH" protocol=\
ipsec-ah
add action=accept chain=input comment="defconf: accept ipsec ESP" protocol=\
ipsec-esp
add action=accept chain=input comment=\
"defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=drop chain=input comment=\
"defconf: drop everything else not coming from LAN" in-interface-list=\
!LAN
add action=accept chain=forward comment=\
"defconf: accept established,related,untracked" connection-state=\
established,related,untracked
add action=drop chain=forward comment="defconf: drop invalid" \
connection-state=invalid
add action=drop chain=forward comment=\
"defconf: drop packets with bad src ipv6" src-address-list=bad_ipv6
add action=drop chain=forward comment=\
"defconf: drop packets with bad dst ipv6" dst-address-list=bad_ipv6
add action=drop chain=forward comment="defconf: rfc4890 drop hop-limit=1" \
hop-limit=equal:1 protocol=icmpv6
add action=accept chain=forward comment="defconf: accept ICMPv6" protocol=\
icmpv6
add action=accept chain=forward comment="defconf: accept HIP" protocol=139
add action=accept chain=forward comment="defconf: accept IKE" dst-port=\
500,4500 protocol=udp
add action=accept chain=forward comment="defconf: accept ipsec AH" protocol=\
ipsec-ah
add action=accept chain=forward comment="defconf: accept ipsec ESP" protocol=\
ipsec-esp
add action=accept chain=forward comment=\
"defconf: accept all that matches ipsec policy" ipsec-policy=in,ipsec
add action=accept chain=forward dst-address=2a01:::xx3::2/128 dst-port=\
443 in-interface=Internet out-interface=DMZ protocol=tcp
add action=drop chain=forward comment=\
"defconf: drop everything else not coming from LAN" in-interface-list=\
!LAN
/ipv6 nd
set [ find default=yes ] dns=2a01:::::28 hop-limit=64 interface=\
vlan1 ra-preference=high
add advertise-dns=no interface=vlan2
add advertise-dns=no hop-limit=64 interface=DMZ
/system clock
set time-zone-name=Europe/Paris
/tool mac-server
set allowed-interface-list=LAN
/tool mac-server mac-winbox
set allowed-interface-list=LAN
/tool sniffer
set filter-interface=ether8-Salon
Je vous remercie par avance pour votre aide, car ca fait plusieurs jours que je cherche en vain. Je prends aussi toute autre remarque.
Cordialement,