Hi all,
Newbie here on Mikrotik and on networking in general. I have been trying to set up vlans on my CRS312-4C+8XG but ran into some troubles on the trunk port.
Namely, the access ports that I set up seem to work fine; however on the switch connected to the trunk port, I’m unable to get any DHCP lease.
Obviously both the switch and the router can be configured incorrectly but I would like to get some help on the router first as the switch setup is relatively straightforward.
The intended setup is:
2 vlans: 3 and 99
- ether1 is used as WAN port
ether2 is a trunk port to both vlan 3 and vlan 99
ether3 is an access port to vlan 3
ether8 is an access port to vlan 99
Rest of the ports can be ignored
Right now devices connected directly to ether3 and ether8 have no problem getting IP addresses from the router.
However, devices connected to either the access ports or the trunk ports on the switch connected to ether2 cannot get an IP address.
Here’s the result of /export:
# jun/11/2023 15:35:41 by RouterOS 6.49.7
/interface bridge
add name=vlan-bridge vlan-filtering=yes
/interface vlan
add interface=vlan-bridge name=vlan3 vlan-id=3
add interface=vlan-bridge name=vlan99 vlan-id=99
/interface list
add name=WAN
add name=VLAN
add name=BASE
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/ip pool
add name=dhcp_pool0 ranges=10.0.99.2-10.0.99.254
add name=dhcp_pool1 ranges=10.0.99.2-10.0.99.254
add name=dhcp_pool2 ranges=10.0.99.2-10.0.99.254
add name=dhcp_pool3 ranges=10.0.3.2-10.0.3.254
/ip dhcp-server
add address-pool=dhcp_pool2 disabled=no interface=vlan99 lease-time=1d name=\
dhcp1
add address-pool=dhcp_pool3 disabled=no interface=vlan3 lease-time=1d name=\
dhcp2
/interface bridge port
add bridge=vlan-bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether8 pvid=99
add bridge=vlan-bridge frame-types=admit-only-untagged-and-priority-tagged \
interface=ether3 pvid=3
add bridge=vlan-bridge interface=ether7 pvid=99
add bridge=vlan-bridge frame-types=admit-only-vlan-tagged interface=ether2
/ip neighbor discovery-settings
set discover-interface-list=!dynamic
/interface bridge vlan
add bridge=vlan-bridge tagged=vlan-bridge,ether2 untagged=ether3,ether4 \
vlan-ids=3
add bridge=vlan-bridge tagged=vlan-bridge,ether2 untagged=ether8 vlan-ids=99
/interface list member
add interface=ether1 list=WAN
/ip address
add address=10.0.3.1/24 interface=vlan3 network=10.0.3.0
add address=10.0.99.1/24 interface=vlan99 network=10.0.99.0
/ip dhcp-client
add disabled=no interface=ether1
/ip dhcp-server network
add address=10.0.3.0/24 gateway=10.0.3.1
add address=10.0.99.0/24 gateway=10.0.99.1
/ip dns
set allow-remote-requests=yes servers=8.8.8.8
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1
/system clock
set time-zone-name=America/Los_Angeles
/system routerboard settings
set boot-os=router-os
I have read http://forum.mikrotik.com/t/using-routeros-to-vlan-your-network/126489/1 but the subtle difference in the setup and my inexperience made it difficult to follow it verbatim.