Hello!
I just purchased my first Mikrotik device. I got a RouterBOARD 3011UiAS, and am currently using the default config. ether1 is my WAN port and getting a DHCP address from my provider. ether2 is a master to ether3-ether5. ether6 is the master of ether7-10. I have one network defined and there is a bridge that is attached to ether2-master and ether6-master. DHCP is working and all my devices are able to connect.
I currently have an access point plugged into ether10 (using PoE). Everything is working just fine as is, and I am completely happy. Moving forward, I am redoing my media center and running a cat6 cable to get rid of some wireless performance issues I’ve been seeing. I plan to put a switch in my media center to hard wire all the devices. But I have some devices that I would like to separate from the rest of my network.
Here is what I want to do, I was hoping you could tell me if I am setting myself up for failure.
I want to create two vlans:
vlan100 - trusted (192.168.1.0/24)
vlan101 - untrusted (192.168.2.0/24)
I will need ether10 to be a trunk port to allow my wireless AP to service clients on both networks.
I have one device that will need to be connected to an access port for vlan 100
I have one port that will need to be a trunk port to the switch in the media center. One of those devices will need to be on vlan100 and the rest on vlan101.
So, what I am thinking is:
ether10 - trunk with both vlans for AP
ether2 - access port for vlan 100
ether6 - trunk port for vlan’s 100 and 101
So, I know I need to create the vlans. I will assign vlan100 to ether2. I get how that works. But I’m not quite understanding where the bridge plays in. Vlan 100 will be on ether10, ether2, and ether6. Do I need to create a bridge and add the vlan’s to the bridge and place all three interfaces in it?