Trunking with Cisco Switches

Pluton · June 24, 2019, 8:39am

Hi,

I am having a hard time creating a successful trunk between a Cisco Switch and a MikroTik CRS112-8P-4S-IN, without native VLAN.

The scenario contains two VLANs, with 8 being the access ports on the MikroTik, and 9 being a management VLAN.
VLAN 8 is passed through correctly, however, vlan 9 is inaccessible through the IP address i issue on the MikroTik.

The https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features#VLAN_Example_1_.28Trunk_and_Access_Ports.29 port guide, as i said passes the access ports correctly through, but leaves v9 inaccessible through the MK IP assigned. The moment i add the native vlan command to v9 in the Cisco switch, i get access to the MikroTik through the management IP.
I did try the hybrid scenario, obviously by adapting it to my needs initially, but it seems the CRS112 does not support the vlan commands.

This MikroTik is crucial to me as an access device as i have a scenario with remote locations and devices with various PoE standards.

Cisco interface configuration:

interface GigabitEthernet1/0/1
 description Trunk_to_MK
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 8,9
 switchport mode trunk

MikroTik Configuration:

/interface bridge
add name=Main_Bridge
/interface bridge port
add bridge=Main_Bridge interface=ether1 hw=yes
add bridge=Main_Bridge interface=sfp9 hw=yes

/interface ethernet switch ingress-vlan-translation
add ports=ether1 customer-vid=0 new-customer-vid=8

/interface ethernet switch egress-vlan-tag
add tagged-ports=sfp9 vlan-id=8
add tagged-ports=sfp9 vlan-id=9

add ports=ether1,sfp9 vlan-id=8
add ports=sfp9 vlan-id=9

/interface vlan
add interface=MGMT_Anchor name=MGMT vlan-id=9
/ip address
add address=192.168.9.10/24 interface=MGMT

Obviously, there is visibility in layer 2, as i can see the Bridge and sfp9 mac address showing up on the mac table in the Cisco SW. Even the arp table shows that the Bridge mac address is tied to the IP the MikroTik has. Also, CDP/LLDP show all the information on the CIsco SW, but the MikroTik IP’s is not reachable at any circumstances.

The moment this change is done in the Cisco SW, communication is possible.

interface GigabitEthernet1/0/1
description Trunk_to_MK
switchport trunk encapsulation dot1q
switchport trunk native vlan 9
switchport trunk allowed vlan 8,9
switchport mode trunk

I cannot see where i am forcing the MikroTik to use a Native VLAN in this case.

Thanks in advance.

Pluton · June 25, 2019, 5:56am

I’ve managed the communication i needed through this configuration, please advise if there are better solutions to achieve this, as from what i’ve read, different approaches seem to have different resource capabilities, i’d like to know that i can avoid any sort of i.e software operated switching.

This trunk will have constant traffic of 10-20mbps.

/interface bridge
add name=Main_Bridge protocol-mode=none

/interface vlan
add interface=sfp9 name=sfp9-v9 vlan-id=9

/interface bridge port
add bridge=Main_Bridge interface=ether1
add bridge=Main_Bridge interface=sfp9

/interface ethernet switch egress-vlan-tag
add tagged-ports=sfp10,sfp9 vlan-id=8

/interface ethernet switch ingress-vlan-translation
add new-customer-vid=8 ports=ether1

/ip address
add address=192.168.9.10/24 interface=sfp9-v9 network=192.168.9.0

/ip route
add distance=1 gateway=192.168.9.1