Hello,
I’m trying to understand how to get the ‘switch chip’ on a RB2011, with multiple VLANs. RouterOS version is the new 6.40.
I tried several configurations that I found in the forum/wiki, but I wasn’t able to get anything going.
So, I wiped all configuration with a /system reset-configuration
at the first login after the reset I typed ‘r’ to remove also the default configuration, and then basically typed the following one, taken from this thread (only difference I have shortened the names and changed the dns servers): http://forum.mikrotik.com/t/vlan-configuration/96364/1
/interface ethernet
set [ find default-name=ether2 ] master-port=ether1
set [ find default-name=ether3 ] master-port=ether1
set [ find default-name=ether4 ] master-port=ether1
set [ find default-name=ether5 ] master-port=ether1
/interface vlan
add interface=ether1 name=VLAN10 vlan-id=10
add interface=ether1 name=VLAN20 vlan-id=20
add interface=ether1 name=VLAN30 vlan-id=30
add interface=ether1 name=VLAN40 vlan-id=40
/interface ethernet switch port
set 0 vlan-header=add-if-missing vlan-mode=secure
set 1 vlan-header=add-if-missing vlan-mode=secure
set 2 default-vlan-id=20 vlan-header=always-strip vlan-mode=secure
set 3 default-vlan-id=40 vlan-header=always-strip vlan-mode=secure
set 4 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 5 vlan-mode=secure
/ip pool
add name=pool10 ranges=10.10.10.100-10.10.10.200
add name=pool20 ranges=10.10.20.100-10.10.20.200
add name=pool30 ranges=10.10.30.100-10.10.30.200
add name=pool40 ranges=10.10.40.100-10.10.40.200
/ip dhcp-server
add address-pool=pool10 disabled=no interface=VLAN10 lease-time=3d name=dhcp10
add address-pool=pool20 disabled=no interface=VLAN20 lease-time=3d name=dhcp20
add address-pool=pool30 disabled=no interface=VLAN30 lease-time=3d name=dhcp30
add address-pool=pool40 disabled=no interface=VLAN40 lease-time=3d name=dhcp40
/interface ethernet switch vlan
add independent-learning=yes ports=ether1,ether2,ether5,switch1-cpu switch=switch1 vlan-id=10
add independent-learning=yes ports=ether2,ether3,switch1-cpu switch=switch1 vlan-id=20
add independent-learning=yes ports=ether1,ether2,switch1-cpu switch=switch1 vlan-id=30
add independent-learning=yes ports=ether1,ether4,switch1-cpu switch=switch1 vlan-id=40
/ip address
add address=10.10.10.1/24 interface=VLAN10 network=10.10.10.0
add address=10.10.20.1/24 interface=VLAN20 network=10.10.20.0
add address=10.10.30.1/24 interface=VLAN30 network=10.10.30.0
add address=10.10.40.1/24 interface=VLAN40 network=10.10.40.0
/ip dhcp-server network
add address=10.10.10.0/24 dns-server=8.8.8.8 gateway=10.10.10.1
add address=10.10.20.0/24 dns-server=8.8.8.8 gateway=10.10.20.1
add address=10.10.30.0/24 dns-server=8.8.4.4 gateway=10.10.30.1
add address=10.10.40.0/24 dns-server=8.8.4.4 gateway=10.10.40.1
I start with no network cables plugged anywhere.
Then, if I plug e.g. my Linux laptop to ether4 (which should be an access port in VLAN 10),
the computer doesn’t get any IP via DHCP server. BTW, there is no firewall set on the laptop.
And even if I try to set a static IP (e.g. 10.10.10.11/24) I’m not able to ping neither from PC to Mikrotik nor viceversa.
Running Wireshark on the laptop, if I ping from the Mikrotik I’m able to see the ARP request, and the answer, but ping is anyway unsuccessful.
I also tried to change oen the other access ports to the same VLAN 10, plugged another computer there and tried to get the two computers connected, but… no dice.
Is there something basic that is missing from that configuration, or why I’m not able to get this VLAN thing working?
Note that to try simplify the problem I’m trying to use just the first switch1, no attempt to access to outside/internet, etc.
Once I get this basic block, then I’ll start adding more functions later.