So I’ve decided to overhaul my home network when I ran out of space on my 24 port switch. I purchased a Mikrotik CRS125-24G-1S-RM cloud router, and also a Mikrotik RB951G-2HND. I’m coming from a Cisco/Links E3000 with DDWRT on it, so I have an advanced knowledge of networking, however the Mikrotik system is a bit much for me. Looking for some help in getting this stuff set up. I’ll explain my network and the problems I’ve come across.
Currently I have the Internet (copper cat6 from ISP fiber tranciever) going into my E3000 which serves my local DNS, DHCP, static IP’s, and wireless.
My goal is to totally remove the E3000. I want the Cloud router to take over all the functions the E3000 does. I would run the Internet into a Cisco GLC-T SF Tranciever and then the rest of my network would be plugged in to ports 1-24. I would use the RB951 only as an AP. I don’t want it to do anything other than broadcast my wireless signal and maybe let ports 2-5 be extra network ports like those on the cloud router if I expand my network.
I’ve gotten the basic setup done, but I’ve ran into a few problems.
How can I get the SFP module to be the gateway? Changing the settings from master to slave does nothing. I figured it would default to any SFP module to being the gateway or master.
I got the wireless working, but I cannot get it to DHCP relay back to the main router. If i set the AP up with a DHCP server then clients can connect but they don’t get internet. I have it set up as “Home AP”
I think the AP is seeing the IP it gets as a WAN ip and not a Lan ip so it’s keeping the two networks separate. The one thing I never was able to understand with DDWRT was bridges and I think my lack of knowledge is causing some of my problems here.
Ok.
First of all, CRS is not the best device to act as router as it is mainly the switch. Of course you can use it as router with firewall and nat, but you will hit the limits soon (roughly somewhere around 200Mbits/s - but it depends…) If you need more throughput, you shoud have a look at 1100ahx2 or CCR. May happen that 951G can provide better throughput when acting as your main router to wan. Maybe you need just far lower speeds so this note is not important for you.
To the settings of CRS:
First of all, on switch menu unmark “switch all ports”.
Then check that sfp port does not have any master port.
After that set the port as wan freely (ip address and so).
Other ports that should be LAN, set as slaves to one of them. Then set the things you need to be applied to your LAN in relation to that master port.
If you use local adresses in LAN, do not forget to set masquearade and also other common firewall and nat rules. May happen that you will ned to switch on connection tracking if it is not on by default on CRS (as it is switch, not router ).
Check the diagrams to see difference between switch and router (shortly - switch has wirespeed switching processor with CPU connected on side to it by one line, but router has more independent lines to CPU). The reason is that they should play different roles - router takes every packet and process it by CPU thinking about to which of the other lines it should be passed, but switch does not, it only has CPU to be able to manage the switch, roughly said.
Now to the distant AP:
Set the wifi as you need.
Create a bridge and put all ports to that bridge (if you need wirespeed switching on ethernets, enslave only switch master port to the bridge), including wifi interface.
Put IP to the bridge (manually or enable dhcp client on bridge).
Connect one of the ports (probably the master port of the switch) to LAN port of your router.
If you use one network (subnet), there is no need to implement dhcp relay.
If you are familiar with networks, do not use quickset, but set everything on your own manually, starting with full config removal in winbox by System-reset configuration (with marking all three options there).
ROS environment is always very scary for new users so do not forget to read manual about everything you are going to set / change. You will understand soon. For the beginning think about the bridge like it is something like “software switch”.
I would think they wouldn’t sell something that would slow down like that. I would have loved to have all my management in one device but they don’t sell a 24-port switch with wireless.
Long story short, I have over 60 devices in my home (between entertainment, computers, phones, and IP cameras). My plan is to put the non-priority devices on a single 24-port Netgear switch (what I had been using for the last 5 years), and then put all of my priority devices (computers, tables NAS boxes, phones, X-Box, etc) into the CRS so I could run prioritization and monitor traffic patterns.
Maybe I’ll take your advice. I run the internet into the AP, and into the 4 other ports will go the CRS, Netgear, and probably my security system. Then I’ll be able to narrow down troubles that way.
I’ll use your setup here as a guide and work backwards. I’m sure the CRS will be much happier and faster being a switch
Well, I braved a network downtime for a while and got the AP set up as the gateway, and the CRS set up as the switch. Good news is things seem to be working decently. I have internet via Wifi and through the switches. DHCP is working
My biggest issue is the SFP port. For whatever reason it will not work. It has a genuine Cisco (not “Cisco compatible”) SFP transceiver in it, but it will not transmit. When I plug the AP into ports 1-24 everything works as it should and it’s all one big network. That SFP port is just my issue.
Under the “Switch” menu, there is no “Switch” tab on the CRS. So I cannot check or un-check “Switch all ports” The AP has that tab, but not the CRS. When I go under “ports” all the ports 1-24, the SFP and the CPU are listed under there. The light turns on under the SFP transceiver but it never flashes.
Now I need to work on setting up my static DHCP (or manually go to all my devices and set them back up to static IP’s). I prefer manually setting IP’s in the software because I can change specific device IP’s form one place instead of going to each device (which isn’t always easy).
).