Hello,
I’m still getting my feet wet with all things Mikrotik.
I have what is hopefully an easy question and I’m just missing a step.
I’m currently running everything native on my network but I would like to add VLANS to expand my wireless network setup to allow for a segregated guest network and a VoIP network.
The equipment:
RB493AH
Cisco 3560
Ruckus Zone Director Wireless access point manager and access points
RouterBoard:
I have created the 3 Vlans (1,99,100) and associated them to interface Ether-8.
I have three bridges on the routerboard each with a unique subnet and DHCP server on the bridge.
Each vlan has an IP associated to it and is assigned to the appropriate bridge.
Ether-8 is not part of any bridge. It was part of the main Data Bridge, but I removed it when I added the VLANS. Is that correct?
Cisco:
Ether-8 is patched to a trunk port on the cisco.
Each VLAN exists in the Cisco Vlan Database and has an IP.
The access points are patched to the cisco on Trunk Ports
ZoneDirector:
3 SSIDs are created. Each SSID has an access tag for the associated VLAN.
Once I add the three vlans to ether-8, I start to have network problems. The cisco switch starts to report host flapping between the Mikrotik trunk port and the port of the access point that client is associated with. Devices that already have an IP can still make a route (albeit slowly) and can connect to devices on the Native Vlan 1. Devices that join the network are not able to to fetch an IP in any VLAN.
Any words of wisdom?
Export Snippets below.
MikroTik RouterOS 5.25 (c) 1999-2013
[admin@RB1] > /interface print
Flags: D - dynamic, X - disabled, R - running, S - slave
NAME TYPE MTU L2MTU MAX-L2MTU
0 ether1 ether 1500 1526 1526
1 R ether2-WAN ether 1500 1522 1522
2 ether3 ether 1500 1522 1522
3 ether4 ether 1500 1522 1522
4 ether5 ether 1500 1522 1522
5 ether6 ether 1500 1522 1522
6 ether7 ether 1500 1522 1522
7 R ether8-Cisco ether 1500 1522 1522
8 ether9 ether 1500 1522 1522
9 R BR-DATA bridge 1500 1522
10 R VOIP bridge 1500 1522
11 R BR-GUEST bridge 1500 65535
12 R main_vl vlan 1500
13 R guest_vl vlan 1500
14 R phone_vl vlan 1500
[admin@RB1] > /interface vlan print
Flags: X - disabled, R - running, S - slave
NAME MTU ARP VLAN-ID INTERFACE
0 R main_vl 1500 enabled 1 ether8-Cisco
1 R guest_vl 1500 enabled 99 ether8-Cisco
2 R phone_vl 1500 enabled 100 ether8-Cisco
[admin@RB1] > /ip address print
Flags: X - disabled, I - invalid, D - dynamic
ADDRESS NETWORK INTERFACE
0 192.168.222.1/23 192.168.222.0 BR-DATA
2 192.168.220.1/24 192.168.220.0 VOIP
3 192.168.99.1/24 192.168.99.0 BR-GUEST
4 D 192.168.12.18/24 192.168.12.0 ether2-WAN
5 192.168.222.3/23 192.168.222.0 main_vl
6 192.168.99.3/24 192.168.99.0 guest_vl
7 192.168.220.3/24 192.168.220.0 phone_vl
[admin@RB1] > /interface bridge print
Flags: X - disabled, R - running
0 R name=“BR-DATA” mtu=1500 l2mtu=1522 arp=proxy-arp mac-address=00:0C:42:34:93:56
protocol-mode=rstp priority=0x8000 auto-mac=no admin-mac=00:0C:42:34:93:56
max-message-age=20s forward-delay=15s transmit-hold-count=6 ageing-time=5m
2 R name=“VOIP” mtu=1500 l2mtu=1522 arp=enabled mac-address=00:0C:42:34:93:74
protocol-mode=none priority=0x8000 auto-mac=yes admin-mac=00:00:00:00:00:00
max-message-age=20s forward-delay=15s transmit-hold-count=6 ageing-time=5m
3 R name=“BR-GUEST” mtu=1500 l2mtu=65535 arp=enabled mac-address=00:0C:42:34:93:78
protocol-mode=rstp priority=0x8000 auto-mac=yes admin-mac=00:0C:42:34:93:56
max-message-age=20s forward-delay=15s transmit-hold-count=6 ageing-time=5m
[admin@RB1] > /interface bridge port print
Flags: X - disabled, I - inactive, D - dynamic
INTERFACE BRIDGE PRIORITY PATH-COST HORIZON
0 I ether4 BR-DATA 0x80 10 none
1 I ether5 BR-DATA 0x80 10 none
2 I ether7 BR-GUEST 0x80 10 none
3 I ether9 BR-DATA 0x80 10 none
4 I ether3 VOIP 0x80 10 none
5 I ether1 BR-DATA 0x80 10 none
6 I ether6 BR-DATA 0x80 10 none
7 I wlan-VoIPNEW VOIP 0x80 10 none
8 I wlan2-5G BR-DATA 0x80 10 none
9 guest_vl BR-GUEST 0x80 10 none
10 phone_vl VOIP 0x80 10 none
11 main_vl BR-DATA 0x80 10 noneThanks very much,
-Ben