CRS3XX and 802.1ad

mwittchen · July 10, 2018, 3:18pm

Hi everybody,

I’m currently a little bit in trouble to set up the VLAN configuration on the new CRS3XX switches. Usually (e.g. on a CRS212) we defined the necessary 802.1ad tags (820 as vlan-id, 80 as service-id) on an access port via

/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=820 new-service-vid=80 ports=ether2
/interface ethernet switch egress-vlan-translation
add customer-vid=820 new-customer-vid=0 new-service-vid=0 ports=ether2

Any untagged traffic on ether2 is tagged with the right Q-in-Q tag combination.

Now I’m wondering how to configure this tagging with the new CRS3XX devices? Does anyone know how to solve this problem?

Best regards,

Maik

chechito · July 10, 2018, 10:35pm

https://wiki.mikrotik.com/wiki/Manual:CRS3xx_series_switches#VLAN_Tunneling_.28Q-in-Q.29

test carefully RC versions are for testing

mwittchen · July 11, 2018, 7:52am

Hello chechito,

thank you for your reply.

test carefully RC versions are for testing

Sure, currently I’m running 6.43rc42 and configured the device as described in your link. I’ve tried to use a switch rule like

/interface ethernet switch rule
add new-vlan-id=820 ports=ether1 switch=switch1

which works, but unfortunately there is no option to set a new service-vlan-id. What I’m missing is a command line like

/interface ethernet switch rule
add new-vlan-id=820 new-service-id=80 ports=ether1 switch=switch1

To explain my use case a bit more: We are using a lot of CRS (e.g. CRS212-1G-10S-1S+) and mark the incoming traffic with a defined vlan-id for the customer and a defined service-id for the carrier. This works like a charm. Any other things I tried (e.g. creating a vlan-interface with use-service-tag and a bridge) were working more or less, but always results in software bridging which isn’t an option.

chechito · July 11, 2018, 4:12pm

CRS 2xx and 1xx are different switches because use different chipsets

in CRS 3xx vlan dont configure by switch menu they configure by bridge menu, maybe QinQ in new CRS 3xx switches does not work yet

artz · July 12, 2018, 7:20am

As soon as you set vlan-protocol=802.1ad, then all VLAN tagging, untagging and filtering is done by checking VLAN tag with Ethertype=0x88A8 (SVID), all CVID tags are ignored and considered as untagged traffic. Selective QinQ currently is not supported on CRS3xx.

Also note that by setting vlan-protocol=802.1ad, you are enabling all VLAN related functions (including options in /interface ethernet switch) to use SVID tags globally. This means that ACL rules will only add a SVID tag or match a SVID tag.

mwittchen · July 18, 2018, 7:35am

Hello artz

Thank you for clarifying the current q-in-q (or better q-or-q ) implementation in the CRS3XX switches. I thought I misunderstood the documentation. It’s a bit disappointing because the new CRS are great devices.

MWComms · September 12, 2018, 12:35pm

Can we interpret your statement as Selective QinQ will be supported in the future?

Rewriting Ingress/Egress S-VLAN and C-VLAN is absolutely essential for my use. I had planned to use the 3XX series switches in my datacentres. This may be a dealbreaker.

Are the ‘new’ switch rules also handled by the switch chip or offloaded to the CPU?