Bridge port stuck in 'disabled port' mode.

SmallClanger · January 24, 2020, 12:19pm

Hi all. I have a CRS305-1G-4S+ running 6.45.7 - with the following design.

                                                                                                   
                                                                   | LAN                           
                                                                   |                               
       +---------------------+                                    /                                
       |                     |        +---------------------------|+      +-----------------------+
       |    192.168.13.205/24|--------|sfp1-viewer    ether1-config|      |                       |
       |C1                   |        |PVID 13                     |      |                       |
       +---------------------+        |                            |      |                       |
                                      |          CRS305            |      |           S1          |
                                      |                            |      |                       |
       +---------------------+        |                            |      |                       |
       |                     |--------|sfp2-acso1        PVID 1    |      |                       |
       |      192.168.14.x/24|        |PVID 14           T 13+14   |      |     /VLAN14           |
       |C2                   |        /sfp3-acso2        sfp4-mvc  -------|eth0--VLAN13           |
       +---------------------+      /-+----------------------------+      +-----------------------+
                                  /-                                                               
       +---------------------+  /-                                                                 
       |                     |/-                                                                   
       |      192.168.14.x/24-                                                                     
       |C3                   |                                                                     
       +---------------------+

Following https://wiki.mikrotik.com/wiki/Manual:Basic_VLAN_switching I’ve set up:

[admin@testrig-mt] > /interface bridge print
Flags: X - disabled, R - running
 0 R name="acs-bridge" mtu=auto actual-mtu=1500 l2mtu=1592 arp=enabled arp-timeout=auto mac-address=74:4D:28:64:F7:AD protocol-mode=none fast-forward=no
     igmp-snooping=yes multicast-router=temporary-query multicast-querier=no startup-query-count=2 last-member-query-count=2 last-member-interval=1s
     membership-interval=4m20s querier-interval=4m15s query-interval=2m5s query-response-interval=10s startup-query-interval=31s250ms igmp-version=2
     auto-mac=yes ageing-time=5m vlan-filtering=yes ether-type=0x8100 pvid=1 frame-types=admit-all ingress-filtering=no dhcp-snooping=no

I’m connected via ether1 for mgmt, so no mgmt VLAN needed.

[admin@testrig-mt] > /interface bridge port print detail
Flags: X - disabled, I - inactive, D - dynamic, H - hw-offload
 0   H interface=sfp2-acso1 bridge=acs-bridge priority=0x80 path-cost=10 internal-path-cost=10 edge=auto
       point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no
       restricted-tcn=no pvid=14 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes
       unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no
       multicast-router=temporary-query fast-leave=no

 1 I H interface=sfp3-acso2 bridge=acs-bridge priority=0x80 path-cost=10 internal-path-cost=10 edge=yes
       point-to-point=no learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no
       restricted-tcn=no pvid=14 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes
       unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no
       multicast-router=temporary-query fast-leave=no

 2   H interface=sfp4-mvc bridge=acs-bridge priority=0x80 path-cost=10 internal-path-cost=10 edge=yes
       point-to-point=no learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no
       restricted-tcn=no pvid=1 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes
       unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no
       multicast-router=temporary-query fast-leave=no

 3 I H interface=sfp1-viewer bridge=acs-bridge priority=0x80 path-cost=10 internal-path-cost=10 edge=auto
       point-to-point=auto learn=auto horizon=none hw=yes auto-isolate=no restricted-role=no
       restricted-tcn=no pvid=13 frame-types=admit-all ingress-filtering=no unknown-unicast-flood=yes
       unknown-multicast-flood=yes broadcast-flood=yes tag-stacking=no bpdu-guard=no trusted=no
       multicast-router=temporary-query fast-leave=no

And the VLAN config:

[admin@testrig-mt] > /interface bridge vlan print detail
Flags: X - disabled, D - dynamic
 0   bridge=acs-bridge vlan-ids=13 tagged=sfp4-mvc untagged=sfp1-viewer current-tagged=sfp4-mvc current-untagged=""
 1   bridge=acs-bridge vlan-ids=14 tagged=sfp4-mvc untagged=sfp2-acso1,sfp3-acso2 current-tagged=sfp4-mvc current-untagged=sfp2-acso1
 2 D bridge=acs-bridge vlan-ids=1 tagged="" untagged="" current-tagged="" current-untagged=acs-bridge,sfp4-mvc

No filtering or any other magic enabled. It should be a simple switch with two VLANs. v14 on two ports, v13 on another; both of them trunked on the fourth.

v14 works fine. I can connect a machine to sfp2 or sfp3, get a DHCP address form S1 and forward traffic. Not so the sfp1-viewer port. For some reason, this port is stuck in ‘inactive’ even though the remote side link is up (auto-negotiates at 1Gb/FD). The monitor shows:

[admin@testrig-mt] > /interface bridge port monitor 3
            interface: sfp1-viewer
               status: in-bridge
          port-number: 4
                 role: disabled-port
            edge-port: no
  edge-port-discovery: yes
  point-to-point-port: yes
         external-fdb: no
         sending-rstp: yes
             learning: no
           forwarding: no
     multicast-router: no
     hw-offload-group: switch1

I’ve disabled STP on the bridge, but the port is ‘sending-rstp’. Not sure if that’s relevant.

I’ve swapped SFPs, cables and switch ports and the problem seems to follow VLAN 13. Is there something I’m missing?

Cheers,

Terry

SmallClanger · January 24, 2020, 2:15pm

For the benefit of anyone else reading…

Solved my own problem. Seems that the interface auto-negotiation was failing. The C1 side happily reported 1Gbps/FD, and the CRS shows auto-negotiation as ‘done’. but crucially wasn’t showing any agreed bandwidth or duplex setting:

[admin@testrig-mt] /interface bridge port> /interface ethernet monitor 1
                      name: sfp1-viewer
                    status: no-link
          auto-negotiation: done
               advertising:
  link-partner-advertising:
        sfp-module-present: yes
               sfp-rx-loss: no
              sfp-tx-fault: no
                  sfp-type: SFP-or-SFP+

Setting it manually, or connecting the C1 side to a different host with a different NIC caused it to start working. Nothing to do with the bridge or VLAN settings in the end.

willieaames · February 4, 2020, 6:34am

[admin@testrig-mt] > /interface bridge port monitor 3
interface: sfp1-viewer
status: in-bridge
port-number: 4
role: disabled-port
intelligence level> : none
edge-port: no
edge-port-discovery: yes
point-to-point-port: yes
external-fdb: no
sending-rstp: yes
learning: no
forwarding: no
multicast-router: no
hw-offload-group: switch1

Thanks, This is helpful.