VLAN config check

Hi,

I’m new to ROS and I’m still learning. I’m having issues with my VLAN config. I have checked all the tutorials and guides.

If I have VLANs configured my traffic from the trunk port (eth5) stops after some time (20-50 minutes) there’s nothing in the logs (not even if I enable the debug)… If I disable the VLANs everything works as it should. I’ve tried resetting and doing the config from scrath… always the same.

Please point me in the right direction.

# feb/20/2014 12:20:33 by RouterOS 6.10
# software id = WX0U-SYWN
#
/interface bridge
add admin-mac=xx:xx:xx:xx:xx:xx auto-mac=no l2mtu=1598 name=bridge-local
/interface ethernet
set [ find default-name=ether1 ] name=ether1-gateway
set [ find default-name=ether2 ] name=ether2-master-local
set [ find default-name=ether3 ] master-port=ether2-master-local name=\
    ether3-slave-local
set [ find default-name=ether4 ] master-port=ether2-master-local name=\
    ether4-slave-local
set [ find default-name=ether5 ] name=ether5-slave-local
/interface vlan
add interface=ether5-slave-local l2mtu=1594 name=vlan10 vlan-id=10
add interface=ether5-slave-local l2mtu=1594 name=vlan20 vlan-id=20
add interface=ether5-slave-local l2mtu=1594 name=vlan30 vlan-id=30
/interface bridge port
add bridge=bridge-local interface=wlan1
add bridge=bridge-local interface=ether5-slave-local
add bridge=bridge-local interface=ether2-master-local
/interface bridge settings
set use-ip-firewall-for-vlan=yes


/ip pool
add name=dhcp ranges=192.168.88.30-192.168.88.254
add name=vlan10 ranges=192.168.10.30-192.168.10.99
add name=vlan20 ranges=192.168.1.30-192.168.1.99
add name=vlan30 ranges=192.168.30.30-192.168.30.99


/ip address
add address=192.168.88.1/24 comment="default configuration" interface=ether2-master-local network=192.168.88.0
add address=192.168.2.1/24 comment=wlan-guest interface=wlan-guest network=192.168.2.0
add address=192.168.10.1/24 comment=vlan10 interface=vlan10 network=192.168.10.0
add address=192.168.20.1/24 comment=vlan20 interface=vlan20 network=192.168.20.0
add address=192.168.30.1/24 comment=vlan30 interface=vlan30 network=192.168.30.0


/ip dhcp-server
add address-pool=dhcp disabled=no interface=bridge-local name=default
add address-pool=vlan10 disabled=no interface=vlan10 lease-time=5h name=vlan10
add address-pool=vlan20 disabled=no interface=vlan20 name=vlan20
add address-pool=vlan30 disabled=no interface=vlan30 name=vlan30
/ip dhcp-server lease
add address=192.168.88.10 mac-address=xx:xx:xx:xx:xx:xx server=default
/ip dhcp-server network
add address=192.168.10.0/24 comment=vlan10 dns-server=192.168.10.1 gateway=192.168.10.1 netmask=24
add address=192.168.20.0/24 comment=vlan20 dns-server=192.168.20.1 gateway=192.168.20.1 netmask=24
add address=192.168.30.0/24 comment=vlan30 dns-server=192.168.30.1 gateway=192.168.30.1 netmask=24
add address=192.168.88.0/24 comment="default configuration" dns-server=192.168.88.1 gateway=192.168.88.1 netmask=24

/ip firewall filter
add chain=input comment="default configuration" protocol=icmp
add chain=input comment="default configuration" connection-state=established
add chain=input comment="default configuration" connection-state=related
add action=drop chain=input comment="default configuration" in-interface=ether1-gateway
add chain=forward comment="default configuration" connection-state=established
add chain=forward comment="default configuration" connection-state=related
add action=drop chain=forward comment="default configuration" connection-state=invalid

/ip firewall mangle

/ip firewall nat
add action=masquerade chain=srcnat comment="default configuration" out-interface=ether1-gateway to-addresses=0.0.0.0

bump

What is your exact goal.
If ether5 is supposed to be a trunk to carry all three VLAN’s, then you should not put ether5 into the bridge.
Also check your IP config.
You should put the LAN address to the local-bridge, not on ether2.
I also think you mis-typed the IP pool address range for VLAN20