Hi.
I want to create 3 VLANs on lan side of my Mikrotik. For WAN I use SFP and one management IP which is working.
Then I want to add 3 VLANs (ex. 10, 20, 30) under Interfaces tab, VLAN ID and add them to bridge that has 1-8 gig ports.
I create 3 addressess (192.167.10.1/24, etc) and add them to VLAN10 etc.
From all the videos and manuals, this should be enough.
But when I plug in my laptop to port 1 and set IP 192.168.10.10/24 with gateway 192.168.10.1 I cannot ping my gateway or other gateways (192.168.20.1, and 192.168.30.1).
Same happens if I set IP address from VLAN20 or 30 to my laptop.
I tought this should be easy and VLANs would see eachother.
If I add address directly to port on Mikrotik without creating VLAN it is working.
My goal is to have all 8 ports in trunk for these 3 VLANs and all devices in those 3 VLANs can access eachother.
Thank you.
Actually I would like it to act more as a router, not a switch.
For those 3 VLANs, Mikrotik would be a gateway and routing between VLANs should be on it.
I have not used VLAN filtering, it is set to default. I only did those steps, written above.
I can post my cofig, if it will make it clearer.
Hello.
Really? Eventhough it says it can work as a router?
Basicly i want to separate my network from other network whic would be NATed for access.
I was thinking I could use this model as separator and have 3 VLANs for second network on it. Traffic will be small and slow. I can provide with network diagram, if it will clear things. I really am stuck…
It can work as a router, but performance is below mediocre. Look at official test results. Even in most optimistic interpretation it can’t route at more than a few hundred Mbps. Reslistic real-life performance estimate is number, listed as “routing - 25 ip filter rules - 512 bytes”, for your device it’s mere 30Mbps.
If you would like push forward with configuring it as router, then show us you current (non-working) config.
I had no vlans and one simple routing entry. I got realistic 10 MBit/s.
And hardware offload was already active.
Version 7.12 and 7.13 tested.
From my own experience I would recommend a crs328. It does routing a little better.
I ended up building an esxi vm and bought a license, as the 328 was to weak for vpn.
My routing including site2site VPN with high encryption settings works great with a vm of 4 cores at each 2,5 GHz.
(At least the bottleneck is now on the other side )
Ok, thank you.
Can you please help me with what I’m doing wrong with my configuration anyways? I would like to understand why it is not working as I tought it would. Never mind performance.
Apart from VLAN interfaces (which allows CPU to talk to individual VLANs) you don’t have any VLAN configuration in place. So none of ports are members of any of VLANs.
Be careful because it’s very easy to cut off your management access and only reset to factory defaults helps. So export/backup often, use “safe mode” extensively (unless you foresee that connectivity will break because it has to). And make sure you add switch-cpu interface as tagged member of all VLANs, otherwise CPU won’t see any of traffic it has to (for routing).
)