Hi,
I’m having some mayor issues with VLANs and simply can’t spot the error, can somebody please help me find it.
I have a HEX POE and a CSS326-24G-2S+RM connected via sfp trunk. I also have a CAP AC, which is connected to the switch and VLANs work on it like they should, I just can’t get them to work on the switch itself… untagged, forced id whatever… DHCP works, but no communication and in the case of the 50 and 60 VLANs (which are without DHCP), no communication at all (tried creating DHCP server - same as on 20, but no-go, no IP, no communication). I can see the hosts on the switch, and the VLAN id is correct.
The main VLAN (id 1) works over trunk just fine, and is also working on the AP (which is connected on the switch itself), so the trunk sends all the VLANs. All the networks show up in the “Routes” as reachable.
Also “bridge-local” is the main (only) bridge as the manuals suggest.
This is just my personal homelab network…
Thank you!
/interface vlan
add interface=bridge-local name=LAN vlan-id=1
add interface=bridge-local name=IOT vlan-id=107
add interface=bridge-local name=vlan20 vlan-id=20
add interface=bridge-local name=vlan30 vlan-id=30
add interface=bridge-local name=vlan40 vlan-id=40
add interface=bridge-local name=vlan50 vlan-id=50
add interface=bridge-local name=vlan60 vlan-id=60
/interface bridge settings
set allow-fast-path=no
/interface bridge
add admin-mac=edited auto-mac=no comment=defconf \
ingress-filtering=yes name=bridge-local priority=0x8000 protocol-mode=\
mstp vlan-filtering=yes
/interface bridge port
add bridge=bridge-local interface=ether2-master
add bridge=bridge-local interface=sfp1
add bridge=bridge-local interface=ether5 pvid=30
add bridge=bridge-local interface=ether4
add bridge=bridge-local interface=ether3 pvid=20
/interface bridge vlan
add bridge=bridge-local tagged=vlan1,sfp1 untagged=ether4 vlan-ids=1
add bridge=bridge-local tagged=sfp1,bridge-local vlan-ids=30
add bridge=bridge-local tagged=sfp1,bridge-local vlan-ids=40,50,60,107
add bridge=bridge-local tagged=sfp1,bridge-local vlan-ids=20
/ip address
add address=192.168.88.1/24 interface=ether2-master network=\
192.168.88.0
add address=10.0.0.1/24 interface=vlan30 network=10.0.0.0
add address=192.168.1.1/24 interface=vlan20 network=\
192.168.1.0
add address=192.168.99.1/24 interface=vlan40 network=\
192.168.99.0
add address=10.10.10.1/24 disabled=yes network=10.10.10.0
add address=192.168.50.1/24 interface=vlan50 network=\
192.168.50.0
add address=192.168.107.1/24 interface=IOT network=192.168.107.0
add address=192.168.60.0/24 interface=vlan60 network=\
192.168.60.0
/ip dhcp-server network
add address=10.0.0.0/24 dns-server=8.8.8.8,8.8.4.4 gateway=\
10.0.0.1
add address=10.10.10.0/24 dns-server=10.10.10.1 gateway=10.10.10.1
add address=192.168.1.0/24 dns-server=192.168.1.1 gateway=\
192.168.1.1
add address=192.168.88.0/24 dns-server=192.168.88.1 gateway=\
192.168.88.1
add address=192.168.99.0/24 dns-server=192.168.99.1 gateway=\
192.168.99.1
add address=192.168.107.0/24 dns-server=192.168.107.1 gateway=\
192.168.107.1
/caps-man datapath
add bridge=bridge-local client-to-client-forwarding=yes local-forwarding=no \
name=internal vlan-id=1 vlan-mode=use-tag
add bridge=bridge-local client-to-client-forwarding=yes local-forwarding=no \
name=guest vlan-id=20 vlan-mode=use-tag
add bridge=bridge-local client-to-client-forwarding=no local-forwarding=no \
name=test vlan-id=30 vlan-mode=use-tag
add bridge=bridge-local client-to-client-forwarding=no local-forwarding=no \
name=iot vlan-id=107 vlan-mode=use-tag