I am new to Mikrotik and need some advice in terms of technical feasibility.
I have to restructure my home network. My home office will move from the ground floor down to the basement. The difficulty is that I can only run one single fiber cable between both areas. Also, the place of the handover point for the internet access cannot be changed.
The plan is to use the current FRITZBOX as the ‘provider router’ and as a DECT PBX. WiFi will be completely disabled on the FRITZBOX.
The additional networks including WiFi will be ‘hidden’ behind a RB4011. Various VLANs will run on a CRS326. The VLANs will be trunked to the RB4011.
I have attached a simple sketch of what is planned. Is it technically possible to have et10 on the RB4011 configured as an access port for VLAN30?
I shall be most grateful if someone could advise accordingly.
Is it technically possible to have et10 on the RB4011 configured as an access port for VLAN30?
Sure why not…
You can apply Bridge VLAN filtering on RB4011, which will be implemented in Software ( CPU Resources ) ofcorse…
If it was only to use the SFP port as the Trunk port, personally i would not create any Bridge or anything, i would create the VLANs directly on the SFP port… However since you want to use one of its ports as an Access port for one of the VLANs, then i think Bridge VLAN filtering is the right choice…
More importantly is do you want the RB4011 to act as a router getting a private WANIP from the fritz box or do you simply want to run the RB4011 as a switch.
In terms of an ethernport to the hapac as an access port is easily done but since the hapac can read vlan tags most run the connection as a trunk port.
(vlan for home wifi, vlan for guest wifi, vlan for iot devices etc)
The one case where an access port works is if the hapac is only going to put out one SSID, carry only one subnet.
@anav is right on that, i never saw what you have connected on that Access port from the diagram…
You could as well configure it as a Hybrid port. A hybrid port acts an Access port as well as a Trunk port, it accepts Tagged and Untagged frames at the same time… When an untagged frame comes in on ingress, it will assign a PVID, if it is a Tagged Frame it will leave it as is without changing anything…
So, you could use Bridge VLAN filtering and create 2 Trunk Ports SFP and eth10…
