I’m currently stuck with a basic concept of a network. I’m using 6x L009UiGS as suite routers and 60GHz antennas from MikroTik. One of the L009UiGS (suite 1) is connected with a 5G modem (ETH1). The device of suite 1 should have all the firewall rules/NAT rules relevant for the internet.
Because there should be a separate network on each suite, every L009UiGS has a bridge with the ports 5 to 8 activated. There is also a DHCP-Server activated for that.
Ports 1-4 should be the Antenna network to distribute the safe WAN connection (except the suite 1 which is only port 2 to 4 because of the WAN uplink).
I’ve read some posts that creating a second bridge shouldn’t be an option for that (but that I did get working). What would the right concept for that network look like? I thought about VLANs but the 60GHz antennas will not provide good results in speed, but maybe there is another way.
The question I have is: do you want each suite to provide its own DHCP networks, aka each SUITE is acting as a router, OR do you want each suite acting as a switch, and in both cases all controlled by a single management network?
I don’t have a clue what you mean by antenna networks?
Eth1 on suite 1 is the single WAN for all these suites, correct?
The idea is that every router provides a DHCP network for the suite where it’s installed, which is enabled at 4 ethernet ports of the router (port 5-8). So each router has its own configuration for its own network.
The antenna network should be a separate network, or let’s say the safe WAN uplink connection for each router in the network. Suite 1 router gets the WAN and acts as a centralized firewall. Then, suite 1 router should distribute this already safe internet connection to all routers in a separate network (10.99.99.0/24) and also on its own bridge (for the 192.168.0.0/24 network).
Eth1 on suite 1 is a single WAN for all devices, correct
Normally there are only 2 ports in use. One suite has 3 Antennas and maybe there are some other locations where we need to distribute the network with more than two antennas at one suite.
I think I’ve found a solution by adding VLAN filtering to the bridge and creating two VLANs. One is the antenna VLAN and the other is the suite VLAN. By untagging the right ports for each VLAN in the bridge, I will get two separate networks on each router. Then just masquerade the suite VLAN and use the antenna VLAN as outgoing interface.
The DHCP server on each suite also works when using the suite’s VLAN as interface.
There is no need to use the VLANs directly on the antennas. By untagging the 10.99.99.0/24 network, there is no physical VLAN that the antennas can see. Everything else is working with routes, so communications between the 192.168.0.0 and 192.168.1.0 network is possible.
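
The single-bridge setup described in the last post, written out as a RouterOS configuration for one suite router other than suite 1. This is an added example, not a configuration posted in the thread. Assumptions: the names `bridge1`, `vlan-antenna`, `vlan-suite` and `pool-suite`, VLAN IDs 99 and 10, the router address 10.99.99.2, the pool range, and suite 1 answering as gateway on 10.99.99.1.

```routeros
# Assumed names, VLAN IDs and addresses; adjust per suite.
# Create the bridge with filtering off so the session is not cut while ports are added.
/interface bridge
add name=bridge1 vlan-filtering=no

# Access ports: untagged only, so a tagged frame from a suite port cannot reach the antenna VLAN.
/interface bridge port
add bridge=bridge1 interface=ether1 pvid=99 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether2 pvid=99 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether3 pvid=99 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether4 pvid=99 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether5 pvid=10 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether6 pvid=10 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether7 pvid=10 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether8 pvid=10 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged

# The bridge itself is the only tagged member, which lets the router's VLAN interfaces join each VLAN.
/interface bridge vlan
add bridge=bridge1 vlan-ids=99 tagged=bridge1 untagged=ether1,ether2,ether3,ether4
add bridge=bridge1 vlan-ids=10 tagged=bridge1 untagged=ether5,ether6,ether7,ether8

/interface vlan
add name=vlan-antenna interface=bridge1 vlan-id=99
add name=vlan-suite interface=bridge1 vlan-id=10

/ip address
add address=10.99.99.2/24 interface=vlan-antenna
add address=192.168.1.1/24 interface=vlan-suite

# DHCP for the suite network is bound to the suite VLAN interface, not to the bridge.
/ip pool
add name=pool-suite ranges=192.168.1.100-192.168.1.200
/ip dhcp-server
add name=dhcp-suite interface=vlan-suite address-pool=pool-suite disabled=no
/ip dhcp-server network
add address=192.168.1.0/24 gateway=192.168.1.1

# Default route towards suite 1 (assumed 10.99.99.1) over the antenna network.
/ip route
add dst-address=0.0.0.0/0 gateway=10.99.99.1

# Masquerade suite traffic leaving through the antenna VLAN, as described in the post.
/ip firewall nat
add chain=srcnat src-address=192.168.1.0/24 out-interface=vlan-antenna action=masquerade

# Turn filtering on last, once every port has its PVID and VLAN table entry.
/interface bridge
set bridge1 vlan-filtering=yes
```

Because both VLANs are untagged on their ports, the 60GHz links carry plain Ethernet frames and never see an 802.1Q tag.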