Hello,
At this moment I have a Routerboard RB-2011UAS-RM with this configuration:
Port 1 = Internal 1 (bonding “intern” with port 2 to a CRS125-24G-1S-RM switch so I have 2x 1Gbit)
Port 2 = Internal 2 (bonding “intern” with port 1 to a CRS125-24G-1S-RM switch so I have 2x 1Gbit)
Port 3 = WiFi (Unifi Pro)
Port 4 = Raspberry PI (bonding “raspi” with port 5 to a CRS125-24G-1S-RM switch so I have 2x 1Gbit)
Port 5 = Raspberry PI (bonding “raspi” with port 4 to a CRS125-24G-1S-RM switch so I have 2x 1Gbit)
Port 6 = free
Port 7 = free
Port 8 = Ripe probe
Port 9 = Sagem VDSL2 modem (DHCP) so I can manage the modem
Port 10 = PPPoE Sagem VDSL2 modem
I want to work with different IP ranges:
10.0.0.0/24 = all wired network equipment
10.101.0.0/24 = WiFi private (WiFi stuff from me and my girlfriend), using VLAN 101
10.102.0.0/24 = WiFi trusted (WiFi stuff from family, friends, …), using VLAN 102
10.103.0.0/24 = WiFi public (WiFi stuff of others), using VLAN 103
10.200.0.0/24 = Raspberry PI’s
At this moment there are 2 bondings: “internal” (port 1 and 2) and “raspi” (port 4 and port 5). Now I want to use the DHCP server of the MikroTik on port 3 (Unifi Pro) so that this device gets a 10.0.0.x IP, and the VLANs will work too.
How do I have to do this? It seems that using a bridge doesn’t work?
You can see my configuration on Pastebin: http://pastebin.com/AWf3DJfp
I’m not sure exactly how well my configuration would translate to what you’re trying to do, but here’s what I’ve got:
I’m using an RB751GL as my main router, 1 WAN port, ether2 as Master to 3, 4, and 5. I have several VLANs set up via the Switch Chip. I have a UniFi AP AC plugged into ether4, which I have configured as an access port, i.e. VLAN-Mode=secure, VLAN-header=always-strip, Default-VLAN-id=1. I have also assigned three additional VLANs to that port (501, 801, and 901 in my case). Using the UniFi controller (which I’m running on a CentOS box), I created three wireless SSIDs, and tagged each with its own VLAN id. Things are working very well with this setup.
I had to explicitly create the VLAN 1 and configure it on various ports for all my Management IPs to be able to talk to each other properly. I would have preferred a different VLAN id, but every time I tried to use a different one, one of my switches (RB260GS) would stop responding, even though I had configured the “Allow from VLAN” option on it.
Anyway, if you use VLAN 1 for management, as I did, you can bind your DHCP server to the VLAN 1 interface, and set up the ports accordingly. The other option is to set a static IP on the AP, but then you’ll need a DNS entry to resolve “unifi” to your controller OR you can SSH into the AP, enter the mca-cli, and explicitly tell the AP where to inform “set-inform http://ip.address.of.controller:8080/inform”.
By the way, you don’t need the “use-service-tag” option for VLANs unless you’re doing Q-in-Q. I don’t know your environment, so it may be appropriate, but it’s not a very common thing.
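
The idea in the reply above of binding a DHCP server to a VLAN interface, applied to the three WiFi ranges from the question, as an added example that is not part of either post or of the Pastebin configuration. It assumes RouterOS v6 syntax, that ether3 is a standalone port (not a bridge port or switch slave), that the router takes .1 in each subnet, and that the interface, pool and server names and the lease ranges are made up for illustration; the AP's own untagged 10.0.0.x address is not covered.

```routeros
# Added example; names and lease ranges are constructed for illustration.
# Assumes ether3 (UniFi AP) is standalone and the SSIDs are tagged
# 101/102/103 in the UniFi controller.

# One VLAN interface per SSID on the AP-facing port
/interface vlan
add name=vlan101-private interface=ether3 vlan-id=101
add name=vlan102-trusted interface=ether3 vlan-id=102
add name=vlan103-public interface=ether3 vlan-id=103

# Router address in each WiFi subnet (assumed .1)
/ip address
add address=10.101.0.1/24 interface=vlan101-private
add address=10.102.0.1/24 interface=vlan102-trusted
add address=10.103.0.1/24 interface=vlan103-public

# Lease ranges handed out per VLAN
/ip pool
add name=pool101 ranges=10.101.0.10-10.101.0.254
add name=pool102 ranges=10.102.0.10-10.102.0.254
add name=pool103 ranges=10.103.0.10-10.103.0.254

# One DHCP server bound to each VLAN interface, so a client only
# ever receives a lease from the range of the SSID it joined
/ip dhcp-server
add name=dhcp101 interface=vlan101-private address-pool=pool101 disabled=no
add name=dhcp102 interface=vlan102-trusted address-pool=pool102 disabled=no
add name=dhcp103 interface=vlan103-public address-pool=pool103 disabled=no

# Gateway announced to clients in each range
/ip dhcp-server network
add address=10.101.0.0/24 gateway=10.101.0.1
add address=10.102.0.0/24 gateway=10.102.0.1
add address=10.103.0.0/24 gateway=10.103.0.1
```

If ether3 is later added to a bridge, the VLAN interfaces have to be moved from ether3 to that bridge, otherwise the tagged traffic no longer reaches them.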