Community discussions

MikroTik App
 
PepeOnAchair
just joined
Topic Author
Posts: 17
Joined: Sat Nov 22, 2008 10:28 pm

how access backbone routerboard on VLAN-separated L2 network

Wed Aug 25, 2010 4:57 pm

Hi,
I`m trying to find a solution for this problem for a few days, I`m slowly getting insane :)
- I need to separate the traffic from ether1 port in RB411 from all other traffic on the network. So I told myself, lets do it by VLAN. At the beginning I have to say that all this happens on L2 network – no routing. So I setup VLAN interface in RB411 in its wlan1 interface and added it into bridge1 (wlan1 interface is not in bridge). Also I setup VLAN interface in RB750 in ether2 interface and added it into bridge1 (ether2 interface is not in bridge). VLAN works fine and traffic is really separated, good. But soon I realized I need to have the access to RB493 as well. Well, I tried to setup EoIP-tunel1 on RB750 and added it to bridge1. So I setup EoIP-tunel1 in RB493 and added it to bridge as well. EoIP tunel works fine now. And even more, I`m now able to access RB411 and also RB493.
- BUT here comes the problem: When just VLAN interface in RB750 is activated, all traffic to RB411 goes though VLAN1 interface, as expected. But when I activate EoIP interface as well after some few second (5-15s) traffic towards RB411 will prefer go through EoIP interface, even if in this interface is nothing like VLAN. Changing interface for traffic is so quick, that no ping packet (one packet per sec.) is lost. In RB411 I also see that traffic stops to go through VLAN1 interface and starts go though _wlan1_ interface (which is not even in bridge1) When I deactivate EoIP interface in RB750, VLAN traffic to RB411 returns back.
- I have not problem with packet storms, which I solve elsewhere.

Last but not least it is important to say, that in reality all these three routerboards mentioned here might be kilometers from each other. Also I made this example network as simple as possible. In reality there are some 100 ”backbone routerboards” and similar number of ”clients routerboards”.

Do you know why this happens? And if this is wrong idea to access backbone routerboards on VLAN-separated L2 network, do you have any working solution?

(I have tried to use Bridge Filters for stopping VLAN packets to INPUTand FORWARD into EoIP interface, but with no success)

Thank you for any idea how to solve this.
Pep.
You do not have the required permissions to view the files attached to this post.
 
fewi
Forum Guru
Forum Guru
Posts: 7717
Joined: Tue Aug 11, 2009 3:19 am

Re: how access backbone routerboard on VLAN-separated L2 net

Wed Aug 25, 2010 6:42 pm

And if this is wrong idea to access backbone routerboards on VLAN-separated L2 network, do you have any working solution?
Convert to a routed network, particularly if you have hundreds of routers. Connections between routers carry management VLANs and customer VLANs separately. On each router you use the IP firewall to protect them from one another.
 
PepeOnAchair
just joined
Topic Author
Posts: 17
Joined: Sat Nov 22, 2008 10:28 pm

Re: how access backbone routerboard on VLAN-separated L2 net

Wed Aug 25, 2010 6:46 pm

And if this is wrong idea to access backbone routerboards on VLAN-separated L2 network, do you have any working solution?
Convert to a routed network, particularly if you have hundreds of routers. Connections between routers carry management VLANs and customer VLANs separately. On each router you use the IP firewall to protect them from one another.
Thank you for your answer. But this would by the only one reason for me to convert to routed network. I hope there is another solution, because I really don`t want routed network.

Pep.

Who is online

Users browsing this forum: bananaboy1101, davidhirka, jamesperks and 88 guests