Hi,
We’re using layer 2 backbone (RouterOS only).
Need to create Virtual LAN between 2 networks, so user with laptop could roam without having to change his IP.
Such configuration could be done with EoIP, but it works unstable in combination with bridges…
The idea is to use VLAN, but the problem is how to configure everything…?
Where to set VLAN interfaces? Which interfaces to bridge?
Any help would be appreciated!
Thanks!
Denis.
Why can’t you use DHCP within each network to make roaming easy for your laptop clients?
I’ve not seen any problems with EoIP and bridges in particular. Could you elaborate on this point?
–Tom
Sorry for the OFF TOPIC,
Denis, what program do you use to make that diagram??
Best regards
kike
Sorry, I’ve described the need of VLAN a bit incorrectly…
I need VLAN not specially for roaming clients – what I need is client’s “corporate” LAN inside ours.
Talking about DHCP – sure there is one…
While trying to configure EoIP for similar needs I’ve had to reset router twice… Also the percent of successfull RouterOS upgrades on routers with EoIP and bridges - 50/50… At least for me…
Anyway… I’ve read topic http://forum.mikrotik.com/t/secure-vlan-trunk-and-wisp/5776/1 but still can’t understand which interfaces to use as primary for VLANs and what actually to bridge…
Microsoft Visio 2003
I still do not understand why you would need any VLAN at all, given the network from the diagram you posted. What I’m seeing in that diagram are two networks, one of them being your distributed layer 2 wireless infrastructure and the other being that second network you labeled “VLAN”.
Why is that second network a VLAN, or more exactly, why would you need it to be one? It just looks like two seperate layer 3 networks to me, so just route between them and setup firewall rules and/or VPN if security is needed between the two networks…?
–Tom
I need this to separate our traffic and client’s traffic, but leave routers CLIENT-2 and CLIENT-3 as part of the backbone…
I have something similar to yours that works for me. This will create vlan with id 1 for your customer (10.0.15.0/24):
create vlan1 with id=1 on bridge interface in CLIENT-2. Ensure that ether1 in both CLIENT-2 and CLIENT-3 are not part of the default bridge. I assume bridge1 is the bridge set on both units
In CLIENT-2, create the vlan within bridge1 and bridge this vlan to ether1
/interface vlan add name=vlan1 interface=bridge1 vlan-id=1
/interface bridge add name=bridge-vlan1
/interface bridge port add bridge=bridge-vlan1 interface=vlan1
/interface bridge port add bridge=bridge-vlan1 interface=ether1
In CLIENT-3, create the vlan on bridge1 and bridge this vlan to ether1
/interface vlan add name=vlan1 interface=bridge1 vlan-id=1
/interface bridge add name=bridge-vlan1
/interface bridge port add bridge=bridge-vlan1 interface=vlan1
/interface bridge port add bridge=bridge-vlan1 interface=ether1
Devices connected to ether1 on both CLIENt-2 and CLIENT-3 will communicate direclty using vlan1, assuminig Layer2 operational as shown in your diagram. I assume all the devices are MT (like mine), capable of passing vlan and tags on wireless.
Hope this helps.
Sonny
Yeap! That’s it!
Thanks!
ALTERED:
Well… don’t know why, but two of three vlan “members” are hanging up RouterBoards about once in an hour…