Hi,
I’ve had some Mikrotik devices lying around for a while now, and never really took the time to configure them the right way (I’ve been using bridges instead of the switch chip).
Last week, I’ve spent too many hours getting this right. Most parts work, yet I’m having some issues with the trunk to the RB951. Clients connected to ether3-4 of the RB951 (at the moment I’ve configured eth5 as backup port) receive a DHCP-lease and can access the internet, while a STB connected to ether2 doesn’t receive a stream (a STB connected to ether9-16 on the CRS125 does work). Finally, the management IP (192.168.2.253) of the RB951 is unreachable too, when pinged from anywhere.
CRS125:
/interface ethernet
set [ find default-name=ether2 ] master-port=ether1
set [ find default-name=ether3 ] master-port=ether1
set [ find default-name=ether4 ] master-port=ether1
set [ find default-name=ether5 ] master-port=ether1
set [ find default-name=ether6 ] master-port=ether1
set [ find default-name=ether7 ] master-port=ether1
set [ find default-name=ether8 ] master-port=ether1
set [ find default-name=ether9 ] master-port=ether1
set [ find default-name=ether10 ] master-port=ether1
set [ find default-name=ether11 ] master-port=ether1
set [ find default-name=ether12 ] master-port=ether1
set [ find default-name=ether13 ] master-port=ether1
set [ find default-name=ether14 ] master-port=ether1
set [ find default-name=ether15 ] master-port=ether1
set [ find default-name=ether16 ] master-port=ether1
/interface vlan
add interface=ether1 l2mtu=1584 name=vlan6 vlan-id=6
add interface=ether1 l2mtu=1584 name=vlan10 vlan-id=10
/interface pppoe-client
add add-default-route=yes disabled=no interface=vlan6 name=pppoe user=xxx
/ip pool
add name=vlan10 ranges=192.168.2.10-192.168.2.240
/ip dhcp-server
add address-pool=vlan10 disabled=no interface=vlan10 lease-time=4h name=\
vlan10
/interface ethernet switch egress-vlan-tag
add tagged-ports=ether1,switch1-cpu vlan-id=6
add tagged-ports=ether1,ether2,switch1-cpu vlan-id=10
add tagged-ports=ether1 vlan-id=4
/interface ethernet switch ingress-vlan-translation
add new-customer-vid=10 ports=ether3,ether4,ether5,ether6,ether7,ether8
add new-customer-vid=4 ports=ether9,ether10,ether11,ether12,ether13,ether14,ether15,ether16
/ip address
add address=192.168.2.254/24 interface=vlan10 network=192.168.2.0
/ip dhcp-server network
add address=192.168.2.0/24 dns-server=192.168.2.254 gateway=192.168.2.254
/ip dns
set allow-remote-requests=yes servers=8.8.4.4,8.8.8.8
RB951:
/interface ethernet
set [ find default-name=ether2 ] master-port=ether1
set [ find default-name=ether3 ] master-port=ether1
/interface vlan
add interface=ether1 l2mtu=1594 name=vlan10 vlan-id=10
/interface ethernet switch port
set 0 vlan-header=add-if-missing vlan-mode=secure
set 1 default-vlan-id=4 vlan-header=always-strip vlan-mode=secure
set 2 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
/interface ethernet switch vlan
add independent-learning=no ports=ether1,ether3,switch1-cpu switch=switch1 vlan-id=10
add independent-learning=no ports=ether1,ether2 switch=switch1 vlan-id=4
/ip address
add address=192.168.2.252/24 interface=ether5 network=192.168.2.0
add address=192.168.2.253/24 interface=vlan10 network=192.168.2.0
I’ve been through the wiki countless times, and could use some help by now.