I have read the manual and tried to make vlan work but something is missing for me.
I have a switch that supports vlan and routerboard 500 soft version 2.9.43
i try to connect one computer to another in separated vlan.
Routerboard:
-vlan ID 20 and 30 assigned to interface eth1. Name vlan20 and vlan30
-vlan ID 30 assigned to interface eth2. Name vlan30eth2
-vlan20 ip address 192.168.1.1/24
-vlan30 ip address 192.168.2.1/24
Switch with interface linked to the routerboard’s interface eth1 tagged for vlan20 and 30.
-Computer 192.168.1.2 gw 192.168.1.1 connected to a static vlan 20 in the switcth with port pvid 20
-Computer 192.168.2.2 gw 192.168.2.1 connected to eth2 on routerboard.
I get ping working between computers when i add vlan30, vlan30eth2, and eth1 of routerboard in same interface bridge. Without bridging does not work, and bridging only vlan interfaces also does not work too. Should it be this way? Is there any other possibility rather than bridging physical and vlan interfaces?
I see tx and rx on interface eth2 but not on the vlan assigned to that port.
I feel i am missing something or I do not understand quite well mikrotik’s vlan implementation. If it is really needed to add bridge interfaces and how should it be added. I’m not sure that is separated at level2 if i need to bridge ethernet interfaces to keep things working.
Does someone have some working example of vlan with mikrotik. Any little clue could help.
I would like to use several interfaces statically assigned to several vlans and one interface as trunk interface should route all traffic between vlans or outside mikrotik but i need a real level2 separated networks.
Example pc1 or network1-> vlan1 interface eth1
pc2 or network2-> vlan2 inteface eth2
pcN or net N → vlanN interface ethN
trunk port for all vlans → interface Z
If i connect two mikrotik boxes with same configuration using trunk port. network or pc1 on one side should reach pc1 or network on the other side despite i have not default gateway on pc1 because it should be connected at layer 2 theoretically. I need layer 3 device to route between vlans only. Is that right?
Is it possible to have this working with mikrotik?
How?
Thanks all for your time and pardon my bad English.
Think more or less I have it working some way. I try to explain and maybe will help someone.
Routerboard eth1 is a trunk for vlan2 and vlan3.
eth2 belongs to vlan2
eth3 belongs to vlan3
the trunk port is connected to a switch 802.1q that tags both vlan 2 and 3. Several switch ports belong to vlan2 and others to vlan2
I can connect a computer in switch vlan2 and communicate with computer connected to routerboard eth2 (vlan2 too). Same for vlan3 when computer is connected to MT eth3
Solution (don’t know if it is the only one but it worked for me)
create interface vlan2trunk with id 2 assigned to physical interface eth1
create interface vlan2eth2 with id 2 assigned to physical interface eth2
create interface vlan3trunk with id 3 assigned to physical interface eth1
create interface vlan3eth3 with id 3 assigned to physical interface eth3
ip address for vlan2trunk
ip address for vlan3trunk
create interface bridge-vlan2 with ports
vlan2trunk
vlan2eth2
interface eth2
create interface bridge-vlan3 with ports
vlan3trunk
vlan3eth3
interface eth3
With that configuration i can interconnect computers belonging to same vlan and with ip address rightly configured in the computers route between vlans.
I think the configuration could be simpler (If eth2 and eth2 are attached to computers):
remove the vlan2eth2 and vlan3eth3. If I understand the VLAN on MT correctly it should work too. A VLAN interface should be created only on a physical interface which does receive tagged packets (i.e trunk mode interface).