I’m very new to Mikrotik so I guess this is a very basic question.
I’m very aware of how vlans,trunk, etc works on some famous vendor environment.
Instead I’ve some issues to understand the logic there is behind Mikrotik.
I’ve a RB951 with os 6.24.
I’ve ADSL modem attached on ether1 and a bridge switch with eth2 as master and the others as slave.
On modem side I’ve 172.16.254.x network segment and on bridge segment I’ve 192.168.1.x
Let’s say I want to connect on port5 an esxi server and bring the two segments inside the esxi server.
Let’s say 192.168.1.x is vlan1 and 172.16.254.x is vlan99. (so vlan1 untagged and vlan99 tagged)
With Cisco I would add vlan1 and vlan99, remove current ip addresses from interfaces and put ip address on SVI and make their firewall rules to reflect the new settings.
Then tagged vlan1,99 on interces face to your provider.
In my experience or lack of therefor, I have only used Mikrotik. I can’t give you a specific answer on how to fix your problem, however, I can help you with setting up vlans.
The simplest way, for me anyway, to add vlans.
Assume I have a RouterBOARD750GL with no ip address and no configuration(removed configuration)
In this situation I have a NOC that has vlans already created on it, lets say CISCO
and lets say we have an patch cord with tagged vlan 500 and we want eth1 on the rb750gl to be the uplink
Starting with the rb750gl:
1.Open a ‘New Terminal’
2.Type ‘/interface vlan’ then ‘add name=VLAN_NAME interface=INTERFACE vlan-id=VLAN’
3.Now you need to decide if you need tagged or untagged.
4.Navigate to ‘/interface bridge’
5.Type 'add name=BRIDGE_NAME protocol-mode=none
6.Go to ‘/interface bridge port’
7.If you need untagged
7.1 Type 'add interface=VLAN_NAME bridge=BRIDGE_NAME
7.2 Type 'add interface=DESIRED_UNTAGGED_PORT bridge=BRIDGE_NAME
8.If you need just tagged
8.1 Type 'add interface=VLAN_NAME bridge=BRIDGE_NAME
8.2 Type 'add interface=DESIRED_TAGGED_PORT bridge=BRIDGE_NAME
Example
Assuming tagged 99 is plugged into a rb750gl on port1 named e1 and a computer needs to be on vlan99 on port 5
/interface vlan add name=v99e1 interface=e1 vlan-id=99
/interface bridge add name=bridge_v99 protocol-mode=none
/interface bridge port add interface=v99e1 bridge=bridge_v99
/interface bridge port add interface=e5 bridge=bridge_v99
–
I don’t know if that helps very much but maybe its a start.
port1 connected to ADSL modem, and I would like to put it into vlan99 in untagged mode
port2 connected to LAN, and I would like to put it into vlan1 in untagged
port5 connected to ESXi and I would like to put it into tagged modo with vlan1 and vlan99
I’ve tried to follow your advice as well as those two other posts:
Everything is pretty clear but it still does not work.
It’s strange I can do the same config with a cisco device in 30 seconds but I really can’t figure out how Mikrotik logic is.
First of all.. I reset my 951 do factory config. 951 does not have a console port so I need to take care to not lose the ip configuration for management.
Second: I’ve followed your instructions.. I’ve created vlan99 and bridge_v99 and assigned as your suggestion but still nothing, I can’t ping hosts in vlan99 on e1 from e5 or viceversa.
now I need to connect an ESXi on port5 and I would like to have a VM on that port on vlan99.
Indeed I’ve created a vlan99 on ESXi (as I usual do) but still does not work.. I can’t ping the VM on vlan99 from RB951 or from a pc on an untagged port 99.
I’ve read this: http://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features
and I 've tried to use the vlan-mode secure as per instruction.. Unluckily every time I lose connection to my RB951 and I’m not able to figure out what’s the problem.
Is there someone that can help here a bit? I think I simply miss the logic since I’m able to do the same job with other switches vendors.
