I have 3 different physical routers which are each 5G cell/mobile sim routers cell providers, the 3 subnets are separated by 3 vlans on a single switch which is a Mikrotik CRS switchOS in webgui managed L2 mode and present as 3 separate WANs to a downstream multiwan router this setup works fine.
My scenario: I’m trying to setup/configure a trunk port from the L2 managed switch port SFP1+ port to a separate router which has openwrt port lan1, the trunk link would be running 2.5gbe (hopefully this will sufficient and not bottleneck and or get saturated). The openwrt would provide AdGuard dns which will be shared dns for all the 3 vlans subnets, its bascially a router on a stick.
The issue: I’m having trouble setting up the trunk link between the vlan'd l2 managed switch and the openwrt (router on a stick) I have tried a few different ways of setting up subinterfaces and devices with the below vlan id’s but im unable to get the trunk link working in openwrt.
Also does the openwrt 192.168.10.1 need a vlan itself too? or perhaps open should be on different subnet to l2 switch? Am missing any config?
Included are screenshot of l2 switch vlan and vlans pages, also my vlan plan
i’ve turned off force vlan id on all ports on l2 mikrotik switch, and changed mgmt ip of l2 mikrotik switch to 192.168.20.5 so switch and router are now on different subnets. In openwrt i’ve created subinterfaces for each vlad id - no joy
Perhaps I should be using bridge vlan filtering on the br-lan (openwrt)?
With bridge VLAN filtering disabled a bridge should be transparent to any VLAN tags and behave as an unmanaged switch.
It could be the default VLAN ID on the Mikrotik switch trunk port as the documentation is unclear if it still untags matching VLAN IDs on egress when VLAN receive is set to Only tagged - try setting it to anything other than the IDs you are actively using.
So each VLANs now have interfaces where each interface has a ip provided by each vlan’d subnetted modems dhcp server, however when on the openwrt subnet 192.168.10.x im unable to ip reach the devices in the vlan’d subnets, in openwrts frewall tried a few things in firewall general settings by setting forward condition from reject to accept but no joy, so looks like it could be a routing issue between network 192.168.10.x and the VLAN’d subnets 192.168.1.0 & 192.168.2.0 & 192.168.8.0?
