I’m new to MikroTik - a UBNT refugee. I picked up a CRS326-24G-2S+RM for testing purposes. It is running ROS 6.46.2 stable. I am booting to RouterOS, but have the switch in bridge mode.
I discovered that when I try to set a bridge on a port through the CLI, the switch not only stops responding, but also fails to come up after a power cycle. It’s like this command is corrupting the configuration:
/interface bridge
add name=switch_trunk vlan-filtering=no
/interface bridge port
set [ find default-name=ether1 ] bridge=switch_trunk pvid=8 comment=“testing comment”
When I set the bridge on ether1 is when it stops responding. Making these changes in Webfig works fine. Is this a known problem? I am using port 13 by the way, not port 1 when I’m changing these settings.
Also, I had another question regarding bridges and VLANs. The question is, should I just use the default bridge, and not create any additional bridges for my ports/VLANs? Under which circumstances would I want to create additional bridges? Or is it simply personal preference?
Decision to create additional bridges is a personal preference most of times.
BUT: only single bridge operations can be HW offloaded, the rest of bridges will handle packets in software by main CPU and on CRS that’s nowhere near wirespeed.
Regarding crash: check settings of existing bridge regarding MAC address. On most MT devices setting is that bridge interface assumes MAC address of first member port (in your case that’s probably ether1) and if that interface is removed from bridge, everything drops as bridge assumes different MAC address. This however doesn’t mean permanent loss of connectivity.
Thank you for the reply. You are correct in saying that the bridge uses it’s first member’s (ether1) MAC address. I was not aware of this, but I verified that is the case. However, I picked a port at random (ether18) to assign to the new bridge via CLI, and the same thing happened. After the set command is issued, I can no longer contact the switch, even after a power cycle. Repeating what I said earlier, I can perform with operation in Webfig with no problems. Did I stumble onto a bug?
Also, thank you for your reply on bridge preferences. The reason I ask is because I have a trunk port that I only want to pass tagged traffic, and so I thought I might configure the bridge to only pass tagged traffic. But then I also have untagged devices on the switch locally, and still need them to pass traffic.
It is perfectly fine to mix tagged and untagged ports on single bridge. There are many things that can be done using VLANs on single bridge.
For example switch segmentation (part of switch ports belong to one L2 domain, the rest belong to another L2 domain, all ports untagged) … first guess for most would be to create two bridges and assign interfaces to one of bridges according to needs. But one can use VLANs internaly to switch and configure part of interfaces as access ports[*] for one VLAN and the rest of interfaces as access ports for another VLAN. One would loose HW offload for one part of switch in first case but would have full HW offload on CRS3xx in second case (and no HW offload on the rest of RB device types).
Etc…
[*] access ports are ports which externally carry untagged traffic, but internally belong to a tagged VLAN and thus have pvid set accordingly.
Thanks for the reply. I have found that if I remove a bridge port via CLI, and then add that port to another bridge, as instructed, it works fine. So I guess it’s a bug. I’ve marked your post as the answer, thanks again for the help regarding that and the advice regarding the bridge setup.