Hello,
I’m wondering if someone could help me.. I’m interested in buying a RB751G-2HnD (Router OS L4) and I have a few questions:
Will the router be able to understand and segregate packets which are 802.1Q tagged? Will these appear on individual [virtual] interfaces to the router?
Can the router support individual DHCP server instances on each of these virtual interfaces? i.e. can the router operate a difference DHCP server config for each VLAN?
Can the router support multiple wireless SSIDs? The encryption type, but not password, can be the same.
Can I specify forwarding policies between the different VLANs, SSID and a PPPoE interface?
I’d like to hang an ADSL2+ modem (e.g. Vigor 120) off one of the ports using PPPoA/PPPoE bridging - does the router support PPPoE with an MTU of 1500?
I’m pretty savvy with Linux networking, but I don’t fully understand the details of these Atheros (?) based routers. I used to do a lot with OpenWRT so I know Atheros usually have a single network interface and use an embedded switch but I’m not 100% the RB751G-2HnD operates like this. The user guide doesn’t say very much about the s/w capability and the online demoes are for different models (Router OS5). I’m pretty sure I can do all of the above based on what I’ve read in forums but I’d like confirmation before I take the plunge.
That’s great, thank you very much for the quick response cbrown.
Now that I think about it, I have a follow-up question - what is the architecture of the networking fabric on the 751G-2HnD?
Is it five individual network interfaces (I doubt it) or is it a single interface with a switching fabric similar to the one below? http://wiki.openwrt.org/doc/uci/network/switch
Although it’s not a deal breaker I’m wondering if I could use the internal switch to tag some of the ports on the 751G-2HnD, while on other ports to just pass through the tags being provided by an external switch (the Netgear GS108T)? I’m not looking for QinQ, just allowing externals tags through on some ports while actively tagging others.
Thanks again.
Jason
If I’m reading it correctly the 751G-2HnD has an Atheros8327 switch chip - and it can be both as you say - what it can’t do is actually add tags to untagged packets (only the Atheros8316 can) - but for my purposes as long as I can at least keep one port (ether1) as a seperate entity and have VLAN tags honoured on the other ports I won’t have to add any tags.
Thanks again for your help. Time to start drawing up an equipment order.
I thought I should report back with news of how it went - in general - I like this little router very much. I did have some problems with config - mostly because I didn’t have the strength to learn yet another network OS CLI - so I used WebFig - which is kinda flaky - it would accept configs as valid, then not work, then sometimes it would complain, but not always.. anyway - upgrading from RouterOS 5.11 to 5.17 fixed that mostly (some config still disappears, like the Wireless Security profiles, but they do appear at the CLI, so they do work). The router is now with my client and in a semi-production setting and chugging along nicely. In all, the features are mostly excellent, and the hardware is very good. A paradigm shift almost away from the incumbent SME router mfgs.
My only real gripe is, and this is actually the reason why I don’t expect to be using Mikrotik on any new projects is OpenVPN, or rather the reaction to users requesting additional features. OpenVPN wasn’t a requirement of this project, so I didn’t mention it earlier. As the icing on cake I wanted to set up an OpenVPN client on the RB751 to connect to a big server at some data-center. The problem is the lack of UDP support. I knew RouterOS didn’t support UDP back from about a year ago when I first looked at Mikrotik routers - I also know first-hand what brain-damage it is to do TCP over TCP (from once doing simulations and experiments on TCP stacks in a university lab and in the wild) - what I didn’t expect is the total indifference and almost disdain there is from Mikrotik to the numerous requests of this feature on the forums - especially considering how easy it is it enable it.
I genuinely can’t see why it couldn’t be included in the next build of RouterOS - it’s just a make option to enable it. The resulting binary shouldn’t be that much bigger (and could always be an optional package). In fact, I don’t see any technical reason why not to include it - only business reasons (lock in). If there was a toolchain available for RouterOS I’d build my own package and not even mention it here - but in reality I might as well be using IOS again. In the end I’ll probably just pick up a TP-Link 703N from China, put OpenWRT on it, and do VPN-on-a-stick.
I don’t like to whinge, but with all the other excellent functionality in an otherwise outstanding bit of hardware this seems like a symptom of another closed and opaque system, and I just wish it wasn’t.
On the RB751U-2HnD (the non-gigabit model) only ports ether2..ether5 can be switched together, while ether1 is a stand-alone ethernet port (to be used in L3/routing or to be, at most, L2/software-bridged); from a quick glance (by remote access to a customer’s device) at the RB751G-2HnD (the newest gigabit model) it appears (but I’m not sure) that on such model ALL 5 ports ether1..ether5 could be switched together: please, can someone confirm this?
I have to reconfigure a running remote device (by mean of a one-shot configuration script in the usual blind & finger-crossed mode, you know…) and want to be sure about the above point.