How to make bridge between Ethernet interface and Vlan interface?
It should work, but let’s just hope that vlan1 is not defined on physical port ether1 itself, or is it?
–Tom
interface bridge port add interface= bridge=
this is all in manual about bridging interfaces
Yes, vlan1 defined on ether1.
It is not correct, is it?
how it should be
/interface bridge port add interface=vlan1 bridge=bridge1
and yours
/interface bridge add interface=vlan1 bridge=bridge1
Sorry, it is my error. Realy I have:
/ interface vlan
add name=“vlan1” mtu=1500 arp=enabled vlan-id=1 interface=ether1 comment=“” disabled=no
/ interface bridge port
add interface=vlan1 bridge=bridge comment=“” disabled=no
add interface=ether1 bridge=bridge comment=“” disabled=no
But this don`t work.
What are you really trying to accomplish? It doesn’t make sense to have vlan1 and the native interface bridged because vlan1 is the native/default vlan anyway. It might make sense to have two different vlan’s on the same interface bridged but the native and vlan 1 bridged together will cause headaches for you sooner or later.
Yeah, that’s what I’ve been telling him about five posts ago…
–Tom
With Vlan2 (pvid=2), don`t work to!!!
(all ip adress is assigned to Ether1)
It’s not about the VLAN Id. The problem is that you have a VLAN defined on physical interface ether1 and then you are throwing ether1 and that VLAN together into one bridge. It’s not a good idea to bridge a VLAN with the physical interface that this VLAN itself is defined upon. Why would that ever be useful and why do you think you need to do this?
So lets ask one last time: What are you trying to accomplish with your configuration?
–Tom
I need to do it scheme:
That network design is broken. You have two different subnets on the same physical. I would advise you to rethink that network design.
At me now the same, only without Vlan.
On one interface at me 5 subnet (/24).
And all - OK.
Why it is impossible so to do?
How you can configure one physical port of L2 switch to be untagged at more than one Vlan ?
How you can configure one physical port of L2 switch to be untagged at more than one Vlan ?
We have tagged all frame (vlan1,vlan2,vlan3). Don`t have untagged port.
You can technically do what you are trying using other than vlan1. For example on router 1 in your diagram you can use vlan’s 2,3,4 like:
/interface vlan add name=e1-v2 vlan-id=2 interface=ether1
/interface vlan add name=e1-v3 vlan-id=3 interface=ether1
/interface vlan add name=e1-v4 vlan-id=4 interface=ether1
/interface bridge add name=bridge1 disabled=no
/interface bridge port add bridge=bridge1 interface=e1-v2
/interface bridge port add bridge=bridge1 interface=e1-v3
/interface bridge port add bridge=bridge1 interface=e1-v4
/ip address add address=192.168.1.1/24 interface=bridge1
/ip address add address=192.168.2.1/24 interface=bridge1
However, your network design is still broken. For example, the client at 192.168.3.3 can never communicate with the client at 192.168.3.34. This is because the client has a /24 netmask and so it knows it should be able to communicate at layer 2 (i.e. directly through Ethernet) to any other client in the same subnet. To do this, the client at 192.168.3.3 will do an ARP request for the MAC address of the client with address 192.168.3.34. Your switch VLAN setup prevents the client at .34 from ever hearing the ARP request and so the client at .3 can never communicate with .34. It will never try a routed connection because the netmask says it doesn’t have to.
Mikrotik configuration nor capabilities are your problems here.
Your network design is broken, as JJCinAZ already said.
For example, in your network diagram addresses from the 192.168.3.0/24 network appear to be used on all three VLANs (Vlan1, Vlan2 and Vlan3). How is that supposed to work and what is the intention behind this? The same is true for 192.168.1.0/24.
You can only use the same address range on different VLANs if you’d bridge the respective VLAN interfaces to each other, but then you’d configure the IP addressing on the bridge interface and not on the VLAN interfaces, and by bridging the VLANs to each other we might ask why then you’d need VLANs at all, since that would basically put them all back again into one broadcast domain…
–Tom
Big thanks to all for replay!!!
We use the same address range on different VLANs, because it is the most correct variant.
Yeah, right… Nevermind, I give up 
–Tom
Maybe you can try this :
On router 1 :
/interface vlan add name=r1-v1 vlan-id=1 interface=ether1 disabled=no
/interface vlan add name=r1-v2 vlan-id=2 interface=ether1 disabled=no
/interface vlan add name=r1-v3 vlan-id=3 interface=ether1 disabled=no
/interface bridge add name=bridge1 stp=yes disabled=no
/interface bridge port add interface=r1-v1 bridge=bridge1 disabled=no
/interface bridge port add interface=r1-v2 bridge=bridge1 disabled=no
/interface bridge port add interface=r1-v3 bridge=bridge1 disabled=no
/ip address add address=192.168.1.1/24 interface=bridge1
/ip address add address=192.168.2.1/24 interface=bridge1
On router 2 :
/interface vlan add name=r2-v1 vlan-id=1 interface=ether1 disabled=no
/interface vlan add name=r2-v2 vlan-id=2 interface=ether1 disabled=no
/interface vlan add name=r2-v3 vlan-id=3 interface=ether1 disabled=no
/interface bridge add name=bridge1 stp=yes disabled=no
/interface bridge port add interface=r2-v1 bridge=bridge1 disabled=no
/interface bridge port add interface=r2-v2 bridge=bridge1 disabled=no
/interface bridge port add interface=r2-v3 bridge=bridge1 disabled=no
/ip address add address=192.168.3.1/24 interface=bridge1
/ip address add address=192.168.4.1/24 interface=bridge1
Then configure your switch (i don’t know about other switch), but i use cisco
no spanning tree vlan 1,2,3