Hi,
im running a RB5009 with 2 connected CAP ACs.
the CAPs are connected to Port 7+8 on the RB5009.
Im running 3 VLANS:
/interface vlan
add interface=BR-MAIN name="VLAN10 - Wifi" vlan-id=10
add interface=BR-MAIN name="VLAN20 - IoT" vlan-id=20
add interface=BR-MAIN name="VLAN50 - LAN" vlan-id=50
Bridge BR-MAIN is setup as following (relevant AP config only)
/interface bridge
add admin-mac=REDACTED auto-mac=no name=BR-MAIN port-cost-mode=short protocol-mode=none vlan-filtering=yes
/interface bridge port
add bridge=BR-MAIN comment="AP1 (Downstairs)" frame-types=admit-only-vlan-tagged interface="ether7 - AP1" internal-path-cost=10 path-cost=10
add bridge=BR-MAIN comment="AP2 (Upstairs)" frame-types=admit-only-vlan-tagged interface="ether8 - AP2" internal-path-cost=10 path-cost=10
The Caps are running on VLAN50:
/interface bridge vlan
add bridge=BR-MAIN comment=LAN tagged="BR-MAIN,ether7 - AP1,ether8 - AP2" vlan-ids=50
Caps Man config:
/caps-man configuration
add channel.band=5ghz-a/n/ac .control-channel-width=20mhz .extension-channel=\
disabled .skip-dfs-channels=yes .tx-power=20 country=austria \
datapath.bridge=BR-MAIN .client-to-client-forwarding=yes .vlan-id=10 \
.vlan-mode=use-tag installation=indoor mode=ap name=Owcahome rates.basic=\
12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps .supported=\
12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps security.authentication-types=\
wpa2-psk .encryption=aes-ccm .group-encryption=aes-ccm .group-key-update=\
10m ssid=Owcahome
add channel.band=2ghz-g/n .control-channel-width=20mhz .extension-channel=\
disabled .frequency=2412,2437,2462 .skip-dfs-channels=no .tx-power=10 \
country=austria datapath.bridge=BR-MAIN .vlan-id=20 .vlan-mode=use-tag \
installation=indoor mode=ap name=IoT rates.basic=\
12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps .supported=\
12Mbps,18Mbps,24Mbps,36Mbps,48Mbps,54Mbps security.authentication-types=\
wpa2-psk .encryption=aes-ccm .group-encryption=aes-ccm .group-key-update=\
10m ssid=IoT
Each VLAN has a DHCP Server running, handing out IPs:
/ip dhcp-server
add address-pool=POOL_IOT interface="VLAN20 - IoT" lease-time=4w2d name=DHCP-IOT
add address-pool=POOL_WIFI interface="VLAN10 - Wifi" lease-time=1w3d name=DHCP-WIFI
add address-pool=POOL_LAN interface="VLAN50 - LAN" lease-time=14w2d name=DHCP-LAN
The CAPs are operating in manager forwarding mode.
Clients are getting their IP fine and Caps are reachable via L2/L3 fine.
Only thing which is not working is DNS. I cannot upgrade CAPs as they cannot resolve DNS names. What am I doing wrong?
Forgot to add CAP config.
/interface bridge
add admin-mac=REDACTED auto-mac=no ingress-filtering=no name=BR-MAIN \
protocol-mode=none vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] name="ether1 - Router"
set [ find default-name=ether2 ] name="ether2 - Printer" poe-out=off
/interface vlan
add interface=BR-MAIN name="VLAN50 - LAN" vlan-id=50
/interface bridge port
add bridge=BR-MAIN frame-types=admit-only-vlan-tagged ingress-filtering=no \
interface="ether1 - Router"
add bridge=BR-MAIN frame-types=admit-only-untagged-and-priority-tagged \
interface="ether2 - Printer" pvid=50
/interface bridge vlan
add bridge=BR-MAIN tagged="BR-MAIN,ether1 - Router" vlan-ids=50
/interface wireless cap
set bridge=BR-MAIN certificate=CAP-18FD74C22E38 discovery-interfaces=\
"VLAN50 - LAN" enabled=yes interfaces=wlan1,wlan2 lock-to-caps-man=yes
/ip dhcp-client
add interface="VLAN50 - LAN"
/system identity
set name=AP1