Community discussions

Search found 22 matches

by chalde
Wed Mar 13, 2019 3:14 pm
Forum: General
Topic: CRS326-24G-2S+RM port mirroring, many to 1 not possible?
Replies: 0
Views: 176

CRS326-24G-2S+RM port mirroring, many to 1 not possible?

Just received a CRS326-24G-2S+RM, upgrading from CRS125-24G-1S-IN. In CRS125-24G-1S-IN I could create 2 mirror groups and do many to 1 mirroring. In CRS326-24G-2S+RM it seems like it is only possible to create 1 mirror group and only do 1 to 1. Can anyone confirm this? If so, is it something that wi...
by chalde
Fri Feb 15, 2019 8:24 am
Forum: General
Topic: CRS125->CRS326 Upgrade - validate requirements
Replies: 0
Views: 355

CRS125->CRS326 Upgrade - validate requirements

Looking to upgrade my CRS125-24G-1S to a Mikrotik CRS326-24G-2S+RM, but need to ensure, that what i want to achieve is possible in regards to hw offload, bridge vlans, hybrid ports etc. Anything to note on the below which could be an issue? The following will be connected: - NAS 4x1gb, LACP, 9k jumb...
by chalde
Sat Jun 09, 2018 10:56 am
Forum: General
Topic: CRS125, 6.40 to 6.42, vlan/bridge
Replies: 3
Views: 563

Re: CRS125, 6.40 to 6.42, vlan/bridge

Update seems to be working. Thx.
Haven't tested bridge grouping yet.
by chalde
Wed Jun 06, 2018 7:05 pm
Forum: General
Topic: CRS125, 6.40 to 6.42, vlan/bridge
Replies: 3
Views: 563

Re: CRS125, 6.40 to 6.42, vlan/bridge

Great. Thx. Will give it a go in the weekend.
Is it possible to save config and downgrade afterwards if anything doesn't work?
by chalde
Wed Jun 06, 2018 3:05 pm
Forum: General
Topic: CRS125, 6.40 to 6.42, vlan/bridge
Replies: 3
Views: 563

CRS125, 6.40 to 6.42, vlan/bridge

Hi all Currently running my CRS125-24G-1S on v 6.40.8 hotfix, but would like to upgrade to latest. However, I would like to know how this will affect my current vlan setup with the new bridging and vlan methods? Can someone help out, if the upgrade will affect my setup negatively? Semi anonymized co...
by chalde
Mon Oct 24, 2016 9:45 pm
Forum: General
Topic: bug report - mirror port, ingress stops
Replies: 3
Views: 528

Re: bug report - mirror port, ingress stops

now it happened after just 2 days.
Most likely same issue as: http://forum.mikrotik.com/viewtopic.php ... rror+stops
by chalde
Sat Oct 22, 2016 9:21 am
Forum: General
Topic: bug report - mirror port, ingress stops
Replies: 3
Views: 528

Re: bug report - mirror port, ingress stops

Bug happened again after about 2 weeks. Only ingress is mirrored this time.
Reboot fixes it, but need stable solution for this.
by chalde
Fri Oct 07, 2016 10:11 pm
Forum: General
Topic: bug report - mirror port, ingress stops
Replies: 3
Views: 528

bug report - mirror port, ingress stops

Model: CRS125-24G-1S Firmware: 3.33 RouterOS: 6.37.1 (also happened on 6.37 and 6.36, see: http://forum.mikrotik.com/viewtopic.php?f=13&t=112665 ) After some time, days or weeks, mirror stops sending egress. A reboot fixes the issue. I haven't been able to observe the specific time from reboot until...
by chalde
Tue Sep 27, 2016 9:33 pm
Forum: Beginner Basics
Topic: Port Mirror, only ingress is mirrored
Replies: 1
Views: 698

Re: Port Mirror, only ingress is mirrored

Updated to v6.37 fixed the issue.
by chalde
Tue Sep 27, 2016 6:12 pm
Forum: Beginner Basics
Topic: Port Mirror, only ingress is mirrored
Replies: 1
Views: 698

Port Mirror, only ingress is mirrored

Hi all I'm trying to figure out why I can only get ingress mirroring to work. When tapping on ether24, I only get the ingress data from ether19. Ether24 is only used for tapping (for use with IDS). Ether19 mirroring is set to: egress-vlan-mode=unmodified ingress-mirror-to=mirror1 ingress-mirroring-a...
by chalde
Sun Sep 18, 2016 11:35 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Just ran in to something during my tests. If putting devices without vlan tags on port 15 (vlan ingress tag 60) and mirroring port 18 (egress tag 40,60,100,110) and sniffing on it, I can see untagged ARPs from the untagged device on port 15. Is this normal behavior? I tried setting both port 15 and ...
by chalde
Sat Sep 17, 2016 1:34 pm
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Super. Thank you. So it looks like I'm close to (or have) achieved the following: port 1-12,19 Traffic to and from the ports is untagged. Can only communicate between the ports and with the switch management. port 13-14 Traffic to and from the ports is untagged. No tagged traffic. Can only communica...
by chalde
Sat Sep 17, 2016 10:42 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Had some tagged traffic which shouldn't be allowed on some ports, so changed a couple of settings (switch-cpu was set to all ports and vlan100+110 was missing on port 17). I didnt't add vlan0 to the vlan table, but I can ping between port 21 and 22 (isolated port group) with the "set forward-unknown...
by chalde
Fri Sep 16, 2016 8:53 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Sorry didn't see that line.

Untagged vlans would have to be authorized as well in the vlan table, use vlan-id 0 for untagged authorization.
I will give that a try later. Thank you :)
by chalde
Fri Sep 16, 2016 8:19 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Once you get things set up in the VLAN tables, etc. you need to make sure you set forward-unknown-vlans to off, or set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports to the ports you want to isolate. If you don't have vlans set up properly you may lose access to router and need to reset an...
by chalde
Fri Sep 16, 2016 1:04 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Might have found a working config copy/pasting from various other configs and testing a little. Any pointers on this? Something that could be different, is unnecessary or could lead to leaks across vlans? Any way to optimize it? Haven't testet performance yet, all routing/CPU intensive operations sh...
by chalde
Tue Sep 13, 2016 12:23 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

This is a little weird in my optics, maybe there is a reasonable explanation. Had my testmachines powered down with the same config running. Now booted them to test if changning interface ethernet switch ingress-vlan-translation print Flags: X - disabled, I - invalid, D - dynamic 0 ports=ether13,eth...
by chalde
Mon Sep 12, 2016 10:17 pm
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

After a short vacation i've had time to try out some things, but i can't seem to get it functioning as i want it to. What i'm trying to do is something like this: vlans.JPG However, i can't seem to get the vlans isolated. See config outputs below. A short test, when having a client in port 1-12 or 1...
by chalde
Wed Aug 24, 2016 8:28 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

If I'm correct, it works this way: you put all interfaces on master port - this works like normal switch. Do the same but with vlans and you can separate traffic. But put some interfaces on on master and some other to other master and you will end up with 2 independent switches (so it would work li...
by chalde
Tue Aug 23, 2016 10:53 am
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Can someone explain which vlan functionalities that are being limited?
Multiple master-port configuration is designed as fast and simple port isolation solution, but it limits part of VLAN functionality supported by CRS switch-chip.
by chalde
Sun Aug 21, 2016 9:50 pm
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

Re: New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Looking into details on http://wiki.mikrotik.com/wiki/Manual:CRS_examples i note the following: Multiple master-port configuration is designed as fast and simple port isolation solution, but it limits part of VLAN functionality supported by CRS switch-chip. For advanced configurations use one master...
by chalde
Sun Aug 21, 2016 6:51 pm
Forum: Beginner Basics
Topic: New CRS125-24G-1S, new Mikrotik user, Vlan isolation
Replies: 15
Views: 1590

New CRS125-24G-1S, new Mikrotik user, Vlan isolation

Hi I am new to Mikrotik, coming from Cisco (ages ago) and smartswitches (Dlink DGS3200-10 and Zyxel gs1900-24e). Bought a CRS125-24G-1S as I needed a managed switch with some more advanced features (primarily netflow, and advanced port mirroring). But I am having some issues understanding some of th...