RouterOS and multilayer switching

Hello over there, am really new on RouterOS, and got really used to Cisco IOS, but now i wanna try out this system.

Currently i have a setup that consist in 2 Cisco 2960S and 1 CCR1036-12G-4S. I need the CCR to do intervlan routing between both switches also the CCR would be our DHCP-Server for each VLAN. I have 3 VLANS right now:

1.- Servers and Printers ID:100 subnet: 192.168.0.0/24
2.- User Computers ID:110 subet: 192.168.1.0/24
3.- IP Phones ID:120 subnet: 192.168.2.0/24

Each switch is connected to a port of the CCR, i used to have a Cisco 3550, and on IOS what i’d have to do is:

1.- Each port connected to either switch must be configured as a Trunk.
2.- I’d Create 3 SVI (switch virtual interface), one for each VLAN (interface vlan 100/110/120).
3.- I’d add an IP address to each of these interfaces based on the subnet the vlan is on.
4.- I’d create 3 DHCP-POOLs.

nothing else.

It doesn’t seem to be the case with Mikrotik, i tried to create a single VLAN interface for each VLAN and add both ports to each vlan interface, doesn’t work, it doesn’t even allow me to. Somebody told me that i would need to create a bridge interface then tie the ports to that interface, thing is, if i create a bridge interface for each VLAN when i try to add the same port to multiple bridges it won’t allow me.

I need a hand with this, RouterOS still confuses me in the way it handles VLANs and Switch Virtual Interfaces.


Thanks in advance.

Managed to fix it i don’t if it’s the most efficient way to do it, but here it goes.

I Tried it with only 2 VLANS (10 and 20), and the subnets 192.168.0.0/24 (VLAN 10) and 192.168.1.0/24 (VLAN 20).

A.- Configuring Trunk Ports
IOS: switchport mode trunk
To do this in RouterOS what i had to do was:

• Create a VLAN interface for each physical interface i wanted as a trunk for each VLAN.

The naming here does matter, in the sense you can’t create 2 VLAN interfaces with the same name, even though these work on different ports, here is the code:

interface vlan add name=VLAN10-Eth3 vlan-id=10 interface=ether3
interface vlan add name=VLAN10-Eth4 vlan-id=10 interface=ether4
interface vlan add name=VLAN20-Eth3 vlan-id=20 interface=ether3
interface vlan add name=VLAN20-Eth4 vlan-id=20 interface=ether4

B.- Creating a Switch Virtual Interface
IOS: interface vlan vlan-ID
ip address a.a.a.a b.b.b.b

Now for this part in RouterOS you have to follow these steps:

1.- Create a Bridge interface for each VLAN.
2.- Add together all the VLAN interfaces with the same ID and the bridge interface that correspond to that VLAN.
3.- Assign IP addresses to the bridge interfaces according to the network they belong to.

interface bridge add name=VLAN10-Bridge
interface bridge add name=VLAN20-Bridge
interface bridge port add interface=VLAN10-Eth3 bridge=VLAN10-Bridge
interface bridge port add interface=VLAN10-Eth4 bridge=VLAN10-Bridge
interface bridge port add interface=VLAN20-Eth3 bridge=VLAN20-Bridge
interface bridge port add interface=VLAN20-Eth4 bridge=VLAN20-Bridge
ip address add address=192.168.0.1/24 interface=VLAN10-Bridge
ip address add address=192.168.1.1/24 interface=VLAN20-Bridge

C.- Creating a DHCP server for each VLAN
IOS: ip dhcp pool Name_Of_The_Pool
network a.a.a.a b.b.b.b
dns-server a.a.a.a
default-router a.a.a.a
option id_option ip_option


On routerOS it’s quite lenghty so, here are the stepts:

1.- Create an address pool for each VLAN.
2.- Create a DHCP-Server for each VLAN and use the previous address pools created, attach these servers to the VLAN bridges.
3.- Create a DHCP-Server Network options for each VLAN.

ip pool add name=VLAN10-POOL ranges=192.168.0.2-192.168.0.254
ip pool add name=VLAN20-POOL ranges=192.168.1.2-192.168.1.254
ip dhcp-server add name=VLAN10-Server address-pool=VLAN10-POOL interface=VLAN10-Bridge disabled=no
ip dhcp-server add name=VLAN20-Server address-pool=VLAN20-POOL interface=VLAN10-Bridge disabled=no 
ip dhcp-server network add address=192.168.0.0/24 gateway=192.168.0.1 netmask=24
ip dhcp-server network add address=192.168.1.0/24 gateway=192.168.1.1 netmask=24