I have a Mikrotik CRS326-24G-2S+RM Cloud Router Switch.
I believe I have misconfigured it by using a separate bridge. I believe this to be resulting in performance loss due to the CPU handling “lan-bridge”.
I created that because I didnt want to “leak” traffic from that segment upsteam or to the rest of the default bridge.
How do I go about configuring ports ether9-ether16 to a separate VLAN that will NOT communicate to the default VLAN (1) Those ports essentially should be isolated from passing any traffic to hosts reachable on ports 1-9 17-24,sfp1-2.
It would be nice to have a full export of the config to have a general overview of the situation:
export file=anynameyouwish (minus any sensitive info)
As for your question, you would need to configure a VLAN interface if you will be handling L3 traffic (addresses, DHCP, routing, etc.), and change the PVIDs of ether9-ether16 from_/interface/bridge/port_ after adding them to the VLAN enbled bridge from the same menu. If you handle L3 traffic, you would also need firewall rules to block traffic between the subnets.
Here you can find some very useful info on how to generally set up VLANs:
I ordered the wrong model. Unfortunately the return window closed. The new one is able to hardware accelerate more then one bridge and my problems have ceased.