Issue with VLAN and trunk ports

gkrellm · August 2, 2017, 2:13pm

Hi,
I am following this tutorial:

https://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment

and I am trying to replicate third example.

Basically, I have a device between two trunk ports.
Trunking is working fine. I am able to ping from each “side”.

Problem arise when I try to add access port on “middle” Mikrotik device.
I stricly followed tutorial’s step:

add VLAN with correct vlan-in on bridge-trunk
add bridge for VLAN
bridge that VLAN on new bridge
bridge ethernet port on new bridge

Anyway, it is not working.
Odd enough, it seems that ping works fine for few seconds, and then stops.

Any help?

LEFT DEVICE (ether9 is trunk)

/interface vlan
add interface=ether9 name=vlan100 vlan-id=100

/interface bridge
add name=bridge-vlan100

/interface bridge port
add bridge=bridge-vlan100 interface=ether7
add bridge=bridge-vlan100 interface=vlan100

RIGHT DEVICE (ether2 is trunk)

/interface vlan
add interface=ether2 l2mtu=1514 name=vlan-100 vlan-id=100
/interface bridge
add name=bridge-vlan100
/interface bridge port
add bridge=bridge-vlan100 interface=ether3
add bridge=bridge-vlan100 interface=vlan-100

DEVICE IN THE MIDDLE (ether1 and ether2 connect two other devices on their trunk ports)

/interface bridge
add name=bridge-trunk
/interface bridge port
add bridge=bridge-trunk interface=ether1
add bridge=bridge-trunk interface=ether2

Now I try to add ether3 on vlan100

/interface vlan
add interface=bridge-trunk name=vlan100 vlan-id=100

/interface bridge
add name=bridge-vlan100
/interface bridge port
add bridge=bridge-vlan100 interface=vlan100
add bridge=bridge-vlan100 interface=ether3

teamer · August 2, 2017, 3:30pm

Try to disable RSTP on all bridges with trunk ports.
What ROS version are you using?

idlemind · August 2, 2017, 3:47pm

I’d recommend upgrading all devices to 6.41rc and using the new VLAN aware bridges. It’s the future and will be consistent across models while enabling available hardware features in the switch chips when possible.

In 6.41rc+ please don’t disable STP as a testing process. Like any other version you could cause looping if you do. There was an algorithm change in the 6.38 time frame that meddled with STP but that’s been corrected in the newer versions.

gkrellm · August 3, 2017, 1:07pm

Hi, I just upgraded to 6.38.1 and I still have problems.
I removed RSTP on bridge with trunk ports, and now it is working fine.
Anyway, I have no “loop” in my layer2, this is strange..
Thank you

idlemind · August 3, 2017, 3:43pm

Yup, in those code ranges the algorithm for STP was fiddled with and did cause issues. I would strongly recommend you look at the new 6.41rc and future releases with STP enabled so you can add redundant links for fault protection. Not to mention the more straightforward VLAN configurations while maintaining hardware offload for maximum speeds.