is there a way to have a vlan-like interface that get the untagged traffic (and only the untagged traffic) of an ethernet port ?
I think you have to clarify a little.
If you want untagged traffic only, just use the normal interface.
Or are you looking for something that drops all packets that DO have vlan tag?
Ok,
lets’ say i’ve got ether1 with untag traffic and tagged traffic
I’ve got multiple Vlan interfaces configured on this port wich get the tagged traffic and that works well.
I want the untag traffic to be part of a bridge but excluding the tagged traffic.
The problem is that if I add ether1 to the bridge, it means the whole interface (that is to say it also include tagged traffic)
One interesting way would have been to have a vlan interface with, let’s say VID=-1 which only matches the untagged traffic. but as far as i know this dosen’t exists.
You can use bridge filters to prevent tagged traffic from going to other ports.
But this fake VLAN interface that would get only untagged traffic could be very nice feature, if MikroTik wanted to add it.
When you want to do this on a switch(port) you can configure the switch to have some VLAN tag as untagged
and the CPU sees that traffic as tagged. Then you can add a VLAN interface for that tag and it receives only
the untagged traffic.
This is what I have done on a CRS125 (and it works quite well) but not all mikrotik products have switch chips.
Is there a way to do this on plain interfaces which are directly handled by the CPU like on the CCR1016 ?
Yes, on a plain ethernet interface, at IP level, the interface itself receives the untagged traffic and the VLAN subinterfaces you add to that ethernet interface receive the tagged traffic.
Of course you should not put the ethernet interface in a bridge. You can put the VLAN interfaces in a bridge, but not the main interface. The tagged traffic for other tags would go into the bridge as well.
When using the port in routing (i.e. with an IP address assigned to the ethernet interface and the port nowhere as a bridge member) this problem does not occur.
I think that adding this feature would be quite easy considered that the standard 8021q module of the linux kernel currently supports a vlan 0 that correspond to the untagged traffic.
RouterOs seems to forbid vlan-id=0 for the moment but it may be as simple as changing the range.
on the cosmetic aspect, I think a special value named “untagged” would be less confusing than just 0
If you look at cisco, a port with tagged VLAN, can have one untagged vlan. Normal this is VLAN=1, but can be changed.
This way if you connect a PC or some other stuff not understand 802.1q, it wil use the undtagged VLAN.
I have not setup VLAN you on my Microtik since I have still not had time to understand it, and my router uses master slave interface.
Hopefulle this would be better when 6.41 would be released and do a upgrade. Then it will change and remove this master slave interface.
does not compute… 
You could try it using a bridge filter that drops the MAC level protocol “vlan” on that port.
Then at least you can avoid that the tagged traffic is forwarded by the bridge.
yes, my problem is somehow solved or worked around.
but this is in fact a feature request. (is there a special way to make feature requests?)
I may be wrong but it seems to me that routerOs is based on a linux kernel.
Considered that the standard 8021q module from the official linux kernel tree already supports a vlan-id “0” which correspond to the untagged trafic, I would enjoy that RouterOs accept this special value.
It would be very useful and much easier to use.