hi. i have rb951G with ROS 6.34.6. All 5 ports are combined into a switch, the switch is divided into the vlans. wlan and master port added to bridge. Can I add vlan interfaces to the master port( which added to bridge) or add vlan interfaces to the bridge? what is the difference?
I don’t yet know how to use the new version 6.41 that changes all this. However, for 6.39.3 and lower, you can do something shown below. Not sure of what your goals are with your unit.
# READ ME
# This is the setup for a single unit with a wlan interface
# Create VLAN Trunk port on wlan1
/interface vlan
add interface=wlan1 name=vLAN10 vlan-id=10
# Create bridge to forward VLAN packets
/interface bridge
add name=bridge-vLAN10 protocol-mode=none
# add necessary ports to bridge
/interface bridge port
add bridge=bridge-vLAN10 interface=wlan1
add bridge=bridge-vLAN10 interface=vLAN10
# Assign IP Address to the bridge
/ip address
add interface=bridge-vLAN10 address=192.168.10.1/24
# Setup a DHCP server just for VLAN clients
/ip pool add name=dhcp-vLAN10 ranges=192.168.10.2-192.168.10.254
/ip dhcp-server add address-pool=dhcp-vLAN10 authoritative=yes interface=bridge-vLAN10 name=dhcp-vLAN10
/ip dhcp-server network add address=192.168.10.0/24 dns-server=8.8.8.8 domain=guest.local gateway=192.168.10.1
# Prevent vLAN10 from accessing rest of LAN
/ip firewall filter
add chain=forward action=drop in-interface=!bridge-LAN out-interface=bridge-LAN comment="VLAN seperate"
add chain=forward action=accept in-interface=bridge-vLAN10 connection-state=new comment="Allow VLAN access to Internet"
what is it?
Your config is not at all what I’m talking about.
i have
/interface bridge port> print
# INTERFACE BRIDGE PRIORITY PATH-COST HORIZON
0 ether2 local 0x80 10 none
1 wlan1 local 0x80 10 none
/interface ethernet print
# NAME MTU ARP MASTER-PORT SWITCH
0 S ether1 1500 enabled ether2 switch1
1 RS ether2 1500 enabled none switch1
2 RS ether3 1500 enabled ether2 switch1
3 RS ether5 1500 enabled ether2 switch1
4 RS wan 1500 disabled ether2 switch1
/interface ethernet switch port
set 0 default-vlan-id=24 vlan-mode=secure
set 1 default-vlan-id=24 vlan-mode=secure
set 2 default-vlan-id=24 vlan-mode=secure
set 3 default-vlan-id=250 vlan-header=always-strip vlan-mode=secure
set 4 default-vlan-id=24 vlan-mode=secure
set 5 default-vlan-id=24 vlan-mode=secure
/interface ethernet switch vlan
add independent-learning=yes ports=ether1,ether2,ether3,ether5,switch1-cpu switch=switch1 vlan-id=24
add independent-learning=yes ports=wan,switch1-cpu switch=switch1 vlan-id=250
add independent-learning=yes ports=switch1-cpu,ether3,ether2,ether1 switch=switch1 vlan-id=7
add independent-learning=yes ports=switch1-cpu,ether1 switch=switch1 vlan-id=9
add independent-learning=yes ports=switch1-cpu,ether1,ether2,ether3 switch=switch1 vlan-id=25
and vlans. it can be so
/interface vlan print
# NAME MTU ARP VLAN-ID INTERFACE
0 R vlan250_for_wan 1500 disabled 250 ether2
1 R vlan_7 1500 enabled 7 ether2
2 R vlan_9 1500 enabled 9 ether2
3 R vlan_25 1500 enabled 25 ether2
or so
/interface vlan print
# NAME MTU ARP VLAN-ID INTERFACE
0 R vlan250_for_wan 1500 disabled 250 local
1 R vlan_7 1500 enabled 7 local
2 R vlan_9 1500 enabled 9 local
3 R vlan_25 1500 enabled 25 local
it works in both versions, I just wanted to know what the difference is?