RB450 Switch

I have configured an RB450 with ports 4 and 5 as slaves of port 3.
I have used this config many times with vlans attached to port 3.
Devices in ports 3,4,5 can therefore share the vlan id. It works fine.

Recently I have a need to have the same setup AND allow the devices in ports 4 and 5 to communicate with each other.

Devices in ports 4 and 5 are able to communicate with each other if the packets have no vlan tags.
As soon as I add vlan tags to the devices connected to ports 4 and 5, the devices in ports 4 and 5 can no longer ping each other.
They can communicate with the cpu via the port 3 vlan just fine.

My understanding of the 450 (non-G) switch chip from the wiki is that packets with tags are treated as if they have no tags.
I took that to mean they are simply passed. Otherwise, how do tagged packets arriving on any port make it to the CPU?

But what seems to be happening is packets with tags are dropped unless they are destined for the cpu.

Is this expected behavior or is this a bug?

I’d like to achieve wire speed between ports 4 and 5 with tags intact.

need more info like version and config.

I have tried: 4.11, 4.17, 5.1, 5.2. So I’m pretty sure this is expected/normal behavior.
I’m simply looking for confirmation and perhaps a note in the wiki about it.
I’d also like to know why it doesn’t work.
If the switch chip were incapable of passing tagged packets then vlans on the cpu would not work at all.

The config is simple, 4&5 are slaves of 3. vlan10 is on port 3.
The 450 vlan 10 has 10.0.0.1/24
Devices plugged into 4&5 have addresses in the 10.0.0.0/24 subnet.

{mac addresses have been removed}

/interface ethernet
set 2 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1522 \
    master-port=none mtu=1500 name=ether3 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1522 \
    master-port=ether3 mtu=1500 name=ether4 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes bandwidth=unlimited/unlimited comment=\
    "" disabled=no full-duplex=yes l2mtu=1522 \
    master-port=ether3 mtu=1500 name=ether5 speed=100Mbps
/interface vlan
add arp=enabled comment="" disabled=no interface=ether3 l2mtu=1518 mtu=1500 \
    name=vlan10 use-service-tag=no vlan-id=10

Devices plugged into 3,4&5 cannot reach each other on vlan 10.
arp returns nothing.

Devices plugged into 3,4&5 can reach the cpu on vlan 10 and vice versa, that communication works fine. I have been using this config for some time and never had a reason for ports 3,4&5 to talk to each other – until now.

Devices plugged into 3,4,&5 can reach each other if there are no vlan tags.

Still missing switch config, port config, port vlan config, etc.

I’m not sure I understand your question.
The RB450 has virtually no switch config.
There are no port vlan’s. There are no rules, etc. It doesn’t support those features of ROS.

/interface ethernet switch
set switch1 mirror-source=none mirror-target=none name=switch1
/interface ethernet switch port
set (unknown)
set (unknown)
set (unknown)
set (unknown)

The only vlan is assigned to port 3 of the RB450 as shown in the previous post.
There is no other switch involved.

This isn’t a question of “I’m a noob, how do I get vlan’s to work?”

It’s a question of “Is this expected behavior from an RB450?”

If the answer is “Yes” I will move on. If the answer is “No” then something is wrong, either with my config or my device.