Hi,
I’m still struggeling with my configuration.
I have several switches and AP’s.
I want wire speed so I follow this documentation: https://wiki.mikrotik.com/wiki/Manual:Switch_Chip_Features
But I have several switches and can’t get it working.
First big problem is VLANs and Management VLAN.
I have core switch CCR1009 and on ether1 is my ISP modem
On ether5 is a RB3011 connected to ether1
On ether8, ether9 and ether10 are other switches connected.
I want the following VLANs
VLAN ID 9 (management
VLAN ID 10
VLAN ID 12
VLAN ID 14
VLAN ID 15
VLAN ID 16
VLAN ID 17
VLAN ID 18
VLAN ID 19
VLAN ID 900.
So I think on the RB3011 ether1, ether 8, ether9 and ether10 need to be trunk ports
But If I follow the documentation I don’t get it working.
Can someone help me.
I think Mikroktik make VLANs very hard to configure.
What is the full type number of the CCR1009? Is it a recent one or older?
The new CCR1009 with CCR1009-7G in the type number do not have a switch at all!
The older ones (CCR1009-8G) had a switch only on ports 1-4.
On that type it is not a good idea to connect your external internet to port 1. Use ports 5-8 or SFP.
On the 7G ou will have to use one or more bridges. You can select between using a single bridge, put the
ports in it, and then apply VLAN subinterfaces to that bridge, or you can use a bridge for each
VLAN, add VLAN subinterfaces to each ethernet interface, and put all those subinterfaces into
their respective bridges. I prefer that way as it allows more precise configuration and disallows
unconfigured VLAN tags.
On the older 8G you could do your trunk ports on the port 1-4 switch, but it will perform worse when
your internet uplink is >1Gbit because the switch is connected to the core with a single 1Gbit link,
where all the traffic towards the router has to pass. But of course you will have wirespeed switching
between your trunks.
Ok but What I need to know is. what is better? To use on the RB3011 and RB951G-2HnD. “/interface Ethernet switch” to configure the VLANs or use bridged and add the VLANs and Ether ports to the bridges.
What is faster and better?
Thanks for you suggestion to not use ether1 to 4 on the CCR1009-8G for the internet.
Switch is of course faster and better.
But the CCR1009 is so fast that it does not matter too much.
I would still recommend to move what you wanted to do on port 5-8 to port 1-4
and vice versa, because that better suits the structure of the device.
(it is a bit of an oddball as in the other MikroTik products it is the other way around)
I spent many hours on this working on a system for a multi-tenent bldg using cloud core switches and switch-chip. Best advice I can give is to slave your access ports to a master port, then make sure all of your ingress-translations are setup, then egress translations, and finally giving those ports access to its assigned vlans.
If you have a ton of vlans scripting it out is much faster.
I also had issues getting routing from my distribution switch to my edge router, and I remember having to add the cpu to my egress translations to get that to work.
It can be a lil tricky. You may be able to try getting it setup via the new switchOS?