Vlan help

Here4U · March 27, 2017, 7:26am

I´ve got a CHR 125, and on ether17 i have attached a cable from the iptv output on my ISP´s modem (this traffic is untagged on entry)
This traffic i would like to get into vlan-bridge800, and make available to i.ex. eth12-vlan800.

If i setup dhcp client on vlan-bridge800 it recieves configuration and works fine, when i go to my esxi server on my added port group eth2-vlan800 and try a dhcp client, nothing happens, so there is something i miss here.

These are the commands i have done:
/interface bridge add name=bridge-vlan800
/interface bridge port add interface=ether17 bridge=bridge-vlan800
/interface vlan add interface=ether12 name=eth12-vlan800 vlan-id=800

I have added an port group on my esxi server (eth2-vlan800) but it wont get thru. (eth1 is management) and it cant get any contact.
If i do /interface bridge port add interface=ether18 bridge=bridge-vlan800 and attach a network cable to port 18 the traffic is correct and i get an ip address, what am i missing here?

Thanks in advance for any / all comments

Sob · March 27, 2017, 5:21pm

So you have bridge-vlan800 with single port ether17. And then you have vlan eth12-vlan800 on ether12. I’m not sure if eth2-vlan800 / eth12-vlan800 is typo, but either way, it’s current isolated from bridge-vlan800. Just because you name something “vlan”, it doesn’t magically connect it to any.

If you want to connect untagged traffic on ether17 with tagged traffic on ether12, then add eth12-vlan800 as another bridge port. Or better, use the hardware switch.

Here4U · March 27, 2017, 9:37pm

Yes it was a typo, eth12 already have the following vlan interfaces

eth12-vlan20, eth12-vlan30, eth12-vlan35, eth12-vlan37, eth12-vlan40 i have added the vlan interface eth12-vlan800 with no success

the vlans 20-37 works fine, 40 is not tested.

dskillin · March 28, 2017, 2:28am

Try this, make sure to add the VLAN to the bridge.

/interface bridge add name=bridge-vlan800
/interface bridge port add bridge=bridge-vlan800 interface=ether17
/interface vlan add interface=ether12 name=eth12-vlan800 vlan-id=800
/interface bridge port add bridge=bridge-vlan800 interface=eth12-vlan800

You started right, putting the source port in to the bridge. You need to bridge it to something.

Sob · March 28, 2017, 1:02pm

That’s what I wrote. But according to screenshot, it’s already there…

dskillin · March 28, 2017, 2:26pm

Hmmm, next…

Torch ether17 to see if packets are coming out VLAN tagged.

Here4U · March 31, 2017, 9:00am

For some strange reason, all of a sudden the vlans started to work. I had some days i didnt have time to test, and sat down yesterday, tried to fetch ip via dhcp and there it came, im not sure what or how, but as the saying goes “if it works, dont fix it”

Thanks for all the help

kevintitus81 · April 1, 2017, 12:20am

I just finished a multi-tenant vlan config consisting of a distribution switch and multiple access switches. I found switch chip configuration to work much better. It seemed like running the vlans on bridges was very CPU intensive. Using switch-chip CPU is about 5-10% on average during peak business hours… Just a thought.
With switch chip you have to setup the ingress translations, egress tagging, etc…more leg work, but better performance.