VLAN tagging y I neebased on incomming port

Jurz · December 16, 2013, 10:17am

Hi,

I’m building a classroom that has 8 identical environments consisting of two virtual machines each (each environment has exact same IP network), obviously I need vlans to separate them. In order for everything to work I need to be able to tag packets with certain VLANs based on port through which ip packet is received (to enable remote connectivity).

Here’s what it looks like

Internet ---- MT router ----- vmware virtual machines(vlan2), vmware virt machines (vlan3) etc…

MT router has several dst nat rules on ports 3390, 3391, 3392

I want that all trafic that is entering through port 3390 is marked for vlan2, all traffic that is entering through 3391 marked for vlan3 etc.

Any ideas, how to approach this?
Thanks in advance.

efaden · December 16, 2013, 12:21pm

On what device? The switch chip may be able to help depending on the hardware

Sent from my SCH-I545 using Tapatalk

Jurz · December 16, 2013, 12:40pm

RB2011L

CelticComms · December 16, 2013, 1:10pm

If the VLANs will have the same IP environment will you also be placing the same IP number on multiple VLAN interfaces on the RouterBoard? If so, look at VRF:

http://wiki.mikrotik.com/wiki/Manual:Virtual_Routing_and_Forwarding

You can place each of the VLAN interfaces into a discrete VRF table and then use mangle to set the routing mark on traffic inbound from to certain ports so that the traffic ends up heading for the correct version of the DST IP number.

efaden · December 16, 2013, 1:23pm

I don’t think you can do it with the switch chip on that model. VRF may work.