What I am trying to accomplish is to add an additional network to a Mikrotik CRS328-24P-4S+, 192.168.30.0/24. In addition to the adding the network I have 3 Unifi APs and would like to access the .30 network via WIFI as well. I have created the network in the Unifi Controller and a corporate network w/ the default VLAN of 1 and an additional bridge on the Mikrotik, but I am unable to pull DHCP from the OPNSense router. At high-level here is my current state: AT&T GW---->Mikrotik---->Unifi APs. I have a 192.168.1.0/24 network with several VLANs that work just fine, struggling adding an additional network, any suggestions would be appreciated.
Depending on configuration of “3rd party” devices you may be creating loop(s) in your LAN. One potential loop is between CRS328 and openSense router, another potential loop is between CRS328, CRS305 and unRAID. Any of these loops will break connectivity for one of involved VLANs.
There’s xSTP which detects loops and if one is detected, it blocks one of involved ports. Only MSTP considers VLANs in the loop detection algorithm, other dialects (RSTP and legacy STP) work on physical layer.
If I was trying to do your job, I’d reconfigure existing link to trunk (so it’d carry both VLANs). If the other link is desired for high performance/availability reasons, nake tgem a bond and carry all VLANs over bond. In case of unRAID this would (in principle) mean establishing a MLAG environment between CRS328 and CRS305, but I’m not sure if this would actally help in any way (depends on other devices, connected to CRS305).
Thanks for the reply, I had this working when running SWOS and treated the 192.168.30.0/24 as VLAN30, which it isn’t a VLAN, rather a network. I switched to RouterOS and struggling making this work, I will consider the bond suggestion.
Question and where I am confused, “so it’d carry both VLANs” 192.168.30.0/24 is not a VLAN rather a network, should I create VLAN30 and consider it a VLAN?
Thanks
I dont understand your topology.
One should normally only have ONE connection between openWRT router and CRS acting as a router.
Similarly, there should only be ONE connection between CRS acting as a router and the unRAID, or more clearly stated only one route (via CRS305) from Router to UNRAID
It would appear maybe the issue is that the OPn Sense router is unable to do vlans? At least for the two subnets needing to go to the MT Router.
Perhaps I have made an incorrect assumption, maybe the CRS328 is supposed to be solely a switch.
In that case, You definitely should if possible run both vlans to the CR328 over the single port and same to unraid.
Dont see a 328 config either ???
The problem with “normal” L2 device (i.e. ethernet switch) is that in principle it only handles single IP subnet … L3 subnets (IP subnet) are in principle each tied to single L2 broadcast domain.
So when you try to carry two L3 subnets over single L2 broadcast domain, you inevitably enter into swamp of troubles. If the L2 topology of both (all) L3 networks is the same, then this is easily doable (simply add IP address from different IP subnet to same interface and you’re done) … but it doesn’t ensure traffic separation.
VLANs allow you to separate different L2 broadcast domains on single physical L2 network by separating subnets using VLAN tags. And that, on L2 layer, means that L3 subnets are separated from each other (you need router to pass traffic between different IP subnets).
There are ways of partitioning VLAN-capable switch into two parts (so it can, kind of, act as two separate switches, used by different L2 broadcast domains), the most elegant one includes VLANs (albeit only internally on each switch separately). But this approach still suffers from the loop detection I explained in my previous post.
So I really recommend you to look into VLANs and how they would help you restructure your LAN.
hahah mkx, I fell asleep reading your post, this is what I got out of it… ( thank god I am not trained).
blahblahblahblahblahblah*()#@+!@)!&Y$)@_@+ blahblahblahblah USE VLANS blahblahblahU&((@&#(@&+(@!! blahblahblah
I’m glad that even you found my post useful, as a senior citizen you surely appreciate a good sleep 
Yes, especially when I get up at 5am, 3 mornings a week to go rowing for about 10K.
Didn’t know that rowing was paid that much. 
Hehe, I wish.
Training for worlds masters in Germany, goal, not to come last!