Offline (lan Only) VLAN setup

RouterOS Beginner Basics
1

Hi guys, I have been trying for the longest time to get this to work.

No DHCP, No Internet. the system is all local and within the future will be connecting to the other network (same offline local)

goal is that only devices with static IPs that are within the Vlan can only speak to each other and travel thru the whole network but being trunked with other vlans

setup as such

Main Bridge1 all traffic port1 (Ether1 or SFP)

all other switches on 10.10.0.XX range
vlan1-MANAGEMENT

VLAN2-CARDACCESS
10.0.0.1/24
VLAN5-CCTV
192.168.1.1/24
VLAN3-INTERCOM
10.20.0.1/24
VLAN4-OTHER
10.13.0.1/24
Ports
1 -7 / 8 Main transfer (TRUNK)

2-5 CARD ACCESS 10.0.0.1/24

6 CCTV 192.168.1.1/24

(NONE) INTERCOM 10.20.0.1/24

(NONE) OTHER 10.13.0.1/24


now ive set it up using Only bridge mode not router mode, which i think should be fine


question?

do i need to set all vlans regardless if i am using the ports on switch a b and c but not using on D E and F
e.g

INTERCOM 10.20.0.1/24 being used on switch AB- EF- and not CD-G

should i set up one switch as a router or can everything simply be set to bridge mode.

2

In trunk ports you only need those VLANs which have to be present on other end of the trunk link.

On devices you only need vlan interfaces (those created in /interface/vlan) for VLANs where device needs to interact on IP layer (if it’s only for switching between different bridge ports, then configuration under /interface/bridge/vlan and /interface/bridge/port is enough).

You need router if devices in different VLANs are supposed to connect to each other. Any MT device running ROS can act as router but some are low-capacity routers (e.g. CRS line of switches).

3

thank you for that info,

i am using 1X CRS354-48P 1XCRS328-24P and 10X RB5009UP+S+

and you’re saying each device must have the exact same VLAN config on each device? am i able to config on one switch and copy to the others directly - then assign each ether independently

i would want 3 ports as a trunk per switch which would allow communication of all VLANs within and management