AP WLAN VLAN something wrong

Trying to set up a hAP mini as AP for the main router as in http://forum.mikrotik.com/t/hosts-on-the-same-subnet-interface-cant-connect-eachother/164706/1
hAP mini is connected via its ether1 to the main router's ether3.
Routers can ping each other, I’m managing the mini through the main router.

Something is wrong with the WLANs of the mini. Any SSID associates but I get no IP assigned. Can’t figure why. Config should be as http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1
lak11.rsc (2.17 KB)

If you want to use it purely for AP/L2, then config should be like this:
http://forum.mikrotik.com/t/hap-ax-and-hap-ax-now-support-the-entire-5-ghz-range/164621/1

@darknate, stick to the harder stuff, it's where you excel, will never come close to 1/32 that you know but leave the easy pickings to those that are used to mucking in the mud :wink:

At OP, Taking a look at your config it looks excellent!

(1) However needs slight adjustment on /interface bridge vlans for close to perfection.
You have
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99

Needs to be
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
add bridge=BR1 tagged=ether1 untagged=wlan1 vlan-ids=10
add bridge=BR1 tagged=ether1 untagged=wlan2 vlan-ids=20
add bridge=BR1 tagged=ether1 untagged=wlan3 vlan-ids=30

Note, you can leave out the untagged in this case, but I prefer to put it in the config so that they are visible in an export of the config and one can cross match easily with bridge ports to see what you have done (even more so if ever using hybrid ports).

/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
add bridge=BR1 tagged=ether1 vlan-ids=10
add bridge=BR1 tagged=ether1 vlan-ids=20
add bridge=BR1 tagged=ether1 vlan-ids=30

(2) Minor change… mac-server is not a secure access method and thus should not be utilized.
From
/tool mac-server
set allowed-interface-list=BASE
/tool mac-server mac-winbox
set allowed-interface-list=BASE

To
/tool mac-server
set allowed-interface-list=NONE
/tool mac-server mac-winbox
set allowed-interface-list=BASE

(3) Add this line.
/ip dns
set allow-remote-requests=yes servers=192.168.88.1 comment="dns through trusted subnet gateway"
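
An added example, not part of the original post or the poster's config: a Python check that every access port's PVID in a RouterOS export has a bridge VLAN row tagging the trunk, which is the gap point (1) closes. The bridge port lines in the sample are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample: the bridge port lines are assumed (the thread shows only
# the VLAN table); the VLAN rows are the "You have" / "Needs to be" versions.
BEFORE = """\
/interface bridge port
add bridge=BR1 interface=ether1
add bridge=BR1 interface=wlan1 pvid=10
add bridge=BR1 interface=wlan2 pvid=20
add bridge=BR1 interface=wlan3 pvid=30
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether1 vlan-ids=99
"""
AFTER = BEFORE + """\
add bridge=BR1 tagged=ether1 untagged=wlan1 vlan-ids=10
add bridge=BR1 tagged=ether1 untagged=wlan2 vlan-ids=20
add bridge=BR1 tagged=ether1 untagged=wlan3 vlan-ids=30
"""

def parse_sections(export):
    """Group the 'add' lines of an export by menu path into key/value dicts."""
    sections, path = {}, None
    for line in export.splitlines():
        line = line.strip()
        if line.startswith("/"):
            path = line
        elif line.startswith("add ") and path:
            row = dict(re.findall(r"([\w-]+)=(\S+)", line))
            sections.setdefault(path, []).append(row)
    return sections

def expand_ids(spec):
    """Expand a vlan-ids value such as '10,20-22' into a set of ints."""
    ids = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        ids.update(range(int(lo), int(hi or lo) + 1))
    return ids

def unserved_access_ports(export, trunk):
    """Return (interface, pvid) pairs whose PVID is not tagged on the trunk."""
    sections = parse_sections(export)
    carried = set()
    for row in sections.get("/interface bridge vlan", []):
        if trunk in row.get("tagged", "").split(","):
            carried |= expand_ids(row["vlan-ids"])
    return [(p["interface"], int(p["pvid"]))
            for p in sections.get("/interface bridge port", [])
            if p["interface"] != trunk and "pvid" in p and int(p["pvid"]) not in carried]
print(unserved_access_ports(BEFORE, "ether1"), unserved_access_ports(AFTER, "ether1"))
```

The parser expects one `add` per line, so an export with `\` line continuations needs joining first.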

thank you, that was the missing point

but

set allow-remote-requests=yes servers=192.168.88.1 comment="dns through trusted subnet gateway"

fails on the comment, might be because ROS was just 6.9

Don't know what you mean, a comment is a comment bounded by "

As if 6.9 won’t support a comment on that command. Just upgraded to 7.8, can’t check anymore.

/ip dns is an array of properties with values. You can only change settings of existing (predefined) properties, you can’t add/invent new ones. comment does not exist … neither in 6.49.7 nor in 7.8.

Sometimes I wonder if @anav has something to do with ChatGPT (who is known to invent things) :laughing:

Good point LOL, I think it's important to comment on every line of config, bad software habits.
MKX is correct, I didn't actually config that line I just wrote it, blindly assuming one could add a comment to that bit of code… LOL
The DNS entry is not commentable if that is a word.
Truth be told that was more of - why are we adding this line… will adjust article. THANKS!!!

Not CHAT GPT, but I am flattered you equated me with AI :stuck_out_tongue_winking_eye:
But just to be sheite disturber I did find one possibility

/ip dns static
add address=192.168.88.1 comment="Hey look ma, i can comment on one type of dns entry ;-PPPPP" name=mkx_is_always_right