Hi all.
I know what Iβd like to do, just not 100% sure if it can be done, hence the post.Iβm new to VLANS and Mikrotik, besides some very basic AP/DHCP configs. I know what I want (I think 
)
Physical:
Internet (100 down / 50 up) β fibre cpe β MT2011Ui-AS-RM β other devices . The MT2011 will be the DHCP / VLAN / QoS server. Firewall will be purely for blocking / IDS / IPS / proxy (possibly) / VPN server etc
2011 Gb ports:
port1 WAN in. (What, if any, VLAn does this need to be on? Management VLAN?)
port2 VLAN 10- > Firewall β dumb switch β AP
port3 VLAN 20 β Free port for testing. Is it possible that data on this port βskipsβ any config on the Mikrotik?
2011 Fe ports:
Port6 VLAN 30- > AP1 room1 (old ADSL router setup as an AP β AP2 room2 (old ADSL router setup as an AP)
QoS:
Skype (highest priority) (I use this for outgoing calls to mobiles)
HTTP/S (next highest priority)
VLANβs: (all /28 networks, my assumption is this leaves more resources on the router & makes the network ever so slightly faster. Is this correct?) . Also what is my limit in terms of IP ? IE Would 200.17.250.x-y be a suitable IP range for VLAN10, making VLAN20 200.18.250.x-y ?
10 - full speed
20 - full speed
30 - 5Mbps. 10Mbps burst per device (max 8 devices)
90 - Management VLAN? Would the APβs / MT2011 be on this VLAN? (Would this also be a /28 or in theory could it be a /29 network?)