Hello all. I have to admit that while I have a number of years background as a system admin, my network exposure has been more from the user perspective.
So, while I think I have most of the basics, configuring the RB4011 is still a task for me.
Currently, I have my RB4011 configured as my home network DHCP server, as well as the Internet router/firewall (minimal rules).
I have a cable modem connected to port 1, which is designated as WAN in the RB4011, which then does NAT to the remaining ports (LAN).
I now have Internet service with 1.4Gbps downstream capability and a new cable modem with a single 2.5Gbps Ethernet port.
I have at least two clients with multi-gig adapters, so I also added a managed switch with 4x10Gbps ports.
Since the RB4011 only has a single SFP+ port, I envision I need to do something like this:
CableModem → 2.5Gbps port on switch → 10Gbps port on switch → RB4011 SFP+
I want the RB4011 to then be able to route/NAT back to the switch for clients on it, and hopefully also to the remaining RB4011 ports.
I’d also like to keep it as the DHCP server.
I think I need to assign VLANs to do so, and probably update my RB4011 config accordingly.
Is this design sound so far? And if so, what would be the steps?
You need to enable VLAN support on the RB4011 and the Switch. Use RB4011 as a RoaS as depicted here: http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1
The SFP+ of the RB4011 and the corresponding Switch-Port will both be trunk ports.
The Port on the Switch, where the new cable-Modem is connected will be an access-port (if the Modem ist not VLAN capable)
Define a dedicated VLAN for that 2.5G-Cable-Modem connection
Then add this VLAN to the WAN interface-list on the RB4011 and enable NAT on it.
Your setup is almost exactly how I do mine, but MAKE SURE your PHY rates make sense on all sides, as I had that happen and my internet speeds got sliced 20x.
The question I have is do you bridge the data vlans for the subnets and then assign the bridge port the SFP (trunk) port, and the other two VLANS lets say 30 and 40 (isp1 and 2), one just creates them and attaches them to the SFP+ interface when defining those ISP related vlans and then selects the vlan for the respective entries as dhcp clients??
Okay, I think I have my switch configured, but I’m still a bit lost on what exactly I need to change on my RB4011.
On my RB4011, I..
.. created the new VLAN 100 (Interfaces > VLAN) and assigned it to the sfpplus interface.
.. added vlan100 (Interfaces > Interface List) to WAN and removed ether1.
FiberModem SFP±—CRS305—SFP±–RB4011.
I don’t use any VLAN. The fiberModem, 8G/0,7G use router mode, not bridge mode ., DHCP server disabled
All RB4011 interfaces are in same bridge. I just use one IP Address for DHCP Server , DNS, FW, WEB PROXY, VPN Server .
All traffic goes through the RB4011, coming from PCs connected to CRS305, or Wifi from FiberModem.
I can see , 4,5 Gbits/s in stats during file transfert , and 8 Gbits/s during speedtest . RB4011 support probably 9 Gbits/s in reel life.