Hi,
I recently purchased two MikroTik routers for a SOHO setup;
Router A: RB2011UAS-2HnD-IN (main router)
Router B: RB751U-2HnD (configured as AP)
On router A I created the following:
ether1 — ISP modem
vap-private — bridge-rtr-private — VLAN0040 — Ether2 (tagged)
vap-public — bridge-rtr-public — VLAN0010 — Ether2 (tagged)
ether3 (untagged) — bridge-rtr-business — VLAN0020 — Ether2 (tagged)
ether4 (untagged) — bridge-rtr-hotspot — VLAN0030 — Ether2 (tagged)
On router B I created the following:
ether2 (untagged) — bridge-ap-private — VLAN0040 — Ether1 (tagged)
ether3 (untagged) — bridge-ap-public — VLAN0010 — Ether1 (tagged)
vap-business — bridge-ap-business — VLAN0020 — Ether1 (tagged)
vap-hotspot — bridge-ap-hotspot — VLAN0030 — Ether1 (tagged)
So Ether2 on router A and Ether1 on router B are trunk ports.
IP addresses are assigned to the bridges at Router A, the appropriate DHCP scopes have been set up, all is working nicely.
On router B I removed all firewall/masquerading rules, so Router A is doing all the routing, this is als working; inter vlan communication is blocked and people are able to access the internet.
For management sake, I assigned a static DHCP IP to router B in the private segment.
Bridges on router A are root bridges.
This is where the fun begins;
I don’t see the traffic coming from the vap’s to the bridges on router B; instead I see the traffic being passed directly to the vlan, the bridge sees nothing.[b/]
The only traffic I see is on bridge-ap-private, where the administrative interface resides.
I do see the traffic on the bridge of Router A.
Her is a compact export of router B, with all the irrelevant settings removed:
/interface bridge
add l2mtu=1596 name=BRIDGE-AP-PRIV protocol-mode=rstp
add l2mtu=1596 name=BRIDGE-AP-BUSI protocol-mode=rstp
add l2mtu=1596 name=BRIDGE-AP-HSPT protocol-mode=rstp
add l2mtu=1596 name=BRIDGE-AP-PUBL protocol-mode=rstp
/interface ethernet
set 0 name=ether1-trunk speed=1Gbps
set 1 name=ether2-priv speed=1Gbps
set 2 name=ether3-busi speed=1Gbps
set 3 name=ether4-publ speed=1Gbps
set 4 name=ether5-hspt speed=1Gbps
/interface vlan
add interface=ether1-trunk l2mtu=1596 name=VLAN0010-BUSI vlan-id=10
add interface=ether1-trunk l2mtu=1596 name=VLAN0020-PUBL vlan-id=20
add interface=ether1-trunk l2mtu=1596 name=VLAN0030-HSPT vlan-id=30
add interface=ether1-trunk l2mtu=1596 name=VLAN0040-PRIV vlan-id=40
/interface bridge port
add bridge=BRIDGE-AP-PRIV interface=ether2-priv
add bridge=BRIDGE-AP-PRIV interface=VLAN0040-PRIV
add bridge=BRIDGE-AP-PRIV interface=wlan-priv
add bridge=BRIDGE-AP-PRIV disabled=yes interface=ether1-trunk
add bridge=BRIDGE-AP-BUSI interface=ether3-busi
add bridge=BRIDGE-AP-BUSI interface=VLAN0010-BUSI
add bridge=BRIDGE-AP-BUSI interface=wlan-busi
add bridge=BRIDGE-AP-PUBL interface=ether4-publ
add bridge=BRIDGE-AP-PUBL interface=VLAN0020-PUBL
add bridge=BRIDGE-AP-PUBL interface=wlan-publ
add bridge=BRIDGE-AP-HSPT interface=ether5-hspt
add bridge=BRIDGE-AP-HSPT interface=VLAN0030-HSPT
add bridge=BRIDGE-AP-HSPT interface=wlan-hspt
/ip dhcp-client
add default-route-distance=0 disabled=no host-name=ap-debont interface=BRIDGE-AP-PRIV
/ip dns static
add address=192.168.88.1 name=router-debont
Maybe I’m missing something obvious and I just need a push in the right direction…
Any ideas?