I couldn't get either a "/interface vlan" or "/inteface ethernet switch vlan" to work at all on port 1 (the poe/gateway port)
but I configured both and they work on port 2 (master-local), but only if the VLAN-MODE is disabled.
If I set the switch port vlan-mode to "check" or "secure" it appears to be drop my properly tagged packets.
/interface ethernet switch vlan> print
Flags: X - disabled, I - invalid
# SWITCH VLAN-ID PORTS
0 switch1 138 ether2-master-local
/interface vlan> print
Flags: X - disabled, R - running, S - slave
# NAME MTU ARP VLAN-ID INTERFACE
0 vlan138 1500 enabled 138 ether2-master-local
I want to terminate a metro-E circuit (wan connection) and filter out all traffic coming into a port not tagged with id# 138
and I want all traffic leaving that same port to be tagged with id# 138.
I want to route that same traffic untagged to devices on the LAN plugged into one or more other ports.
Can anyone tell me what I'm doing wrong?
-=-=-=-= After hacking at it a while...
It appears that just creating an "/interface/vlan" vlan interface and not messing with the "/interface/ethernet/switch/vlan" port vlan-mode stuff and it looks like its doing now exactly what I need it to do. I don't know why it didn't work on port 1 but I can use port 2. Its a little frustrating that I spent half a day figuring out what would take a short note in the documentation. "vlan interfaces only work on ports 2-5 on the RB750GL" and "/interface/ethernet/switch/vlan/" configurations are not needed.
If anyone can expand on how the /interface/ethernet/switch/vlan configs are used or in what conditions or situations they come into play, I for one am interested in knowing.
Thanks,
Keith
Re: rb750gl vlan config unexpected behavior
Check this page:
http://wiki.mikrotik.com/wiki/Switch_Chip_Features
To use the switch on port 1, your RB needs to support switching on port 1 (750GL appears to, some support 2-5 only) and then:
It may default to "no", which means 2-5 only.
There are examples in the wiki.
vlans on the switch are useful for port-to-port wire speed switching or rules. Only a few chips support filtering (rules) (750GL does).
Rules happen at wire speed in the switch chip and require no ROS CPU.
http://wiki.mikrotik.com/wiki/Switch_Chip_Features
To use the switch on port 1, your RB needs to support switching on port 1 (750GL appears to, some support 2-5 only) and then:
Code: Select all
/int ethernet switch set switch-all-ports=yesThere are examples in the wiki.
vlans on the switch are useful for port-to-port wire speed switching or rules. Only a few chips support filtering (rules) (750GL does).
Rules happen at wire speed in the switch chip and require no ROS CPU.
Who is online
Users browsing this forum: No registered users and 37 guests