Hi,
I’ve searched in the forum about this topic, but didn’t find a solution.
Is it possible to make all RB2011 ports as VLAN trunk?
The idea is to transport any VLAN (already tagged) from AP to PPPoE Server, keeping redundancy of link between all RB2011 in the tower.
This way we can set each AP to a distinct VLAN, keeping isolated the traffic from each to other.
In this diagram, VLAN 700 flows from AP to PPPoE Server through RB2011 to Core Switch (all ports in trunk mode too) and vice-versa:
Depending on the RouterOS version:
https://wiki.mikrotik.com/wiki/Manual:Interface/VLAN
Newest version:
https://wiki.mikrotik.com/wiki/Manual:Interface/Bridge
You should adapt the configuration to your needs
Right, but in this scenario RB2011 will not tag or untag VLAN.
The aim is to configure RB2011 only to transport tagged VLAN from PPPoE Server > AP and vice-versa without modifying them.
It seems the only way is to create a bridge and add all ports to it (or use a VLAN capable switch with all ports in trunk mode, allowing VLAN from 1 to 4094 to passthrough)
??
tomasi, I’m not aware of that type of setting, even on a Cisco device which has that capability you’d still need to define the VLAN in the database for traffic to move correctly.
Regardless, open trunks that don’t explicitly set the VLAN that is needed is a poor security practice.
Take the first replies advice and setup what you need in either the switch chip, legacy bridges or the new VLAN aware bridges. No IP addresses need to be assigned, in any of those setups you can perform simple layer 2 bridging.
Right,
I found the answer in this wiki:
https://wiki.mikrotik.com/wiki/Vlans_on_Mikrotik_environment
Where he says:
Interfaces eth3,eth4 are trunk ports and and only need to forward tagged packets. We do not need to do any tag add/remove so there is no need to add vlans.
