Help with port based vlan rb4011 pls

chrismal · May 7, 2023, 6:56pm

Hi I have a situation where I need to have 2 ports on separate networks but want a VlAN for each network that would go to the unifi AP as I want SSIDs for those networks,
Example
port 2 192.168.1.1/24 main lan with trunk port for vlans and unifi AP
port 3 192.168.10.1/24 and a vlan that goes to the ssid 3 (example vlan 10)
port 4 192.168.11.1/24 and a vlan that goes to the ssid 2 (example vlan 11)

Any help on how to do this? or a better plan ?as I might be going about this wrong? I tried to put the ports 3 and 4 on a VLAN while trunking to port 2 for the AP but couldn’t do it in ROS.

Thanks A LOT for any ideas

Regards

btw any idea why in the switch menu I do not have VLAN tab?

mkx · May 7, 2023, 8:46pm

RB4011, even though it’s got 2 switch chips, can’t be configured directly with switch chip menus. Instead one has to configure bridge … on ROS v7.1 and later, bridge is offloaded to HW. So use this tutorial as inspiration.

So far there’s a bug, affecting HW offloaded VLAN traffic on RB4011: if a VLAN spans both switch chips (i.e. both ports ether1-5 and ether6-10), then bridge has to be tagged member even if device doesn’t interact with that VLAN on IP level (read: even if RB4011 only switches traffic between ether ports).

chrismal · May 8, 2023, 9:15am

Thanks a lot