I want a switch, where all ports are “full VLAN Trunks”: all ports are learning and forwarding all VLAN’s, only tagged frames are accepted, and all frames are tagged. Strictly independent VLAN learning.
This is what i came up with on my CRS 317-1G-16S+:
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus1
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus2
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus3
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus4
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus5
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus6
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus7
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus8
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus9
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus10
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus11
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus12
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus13
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus14
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus15
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp-sfpplus16
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1
/interface bridge vlan
add bridge=bridge1 tagged="sfp-sfpplus1,sfp-sfpplus2,sfp-sfpplus3,sfp-sfpplus4,s\
fp-sfpplus5,sfp-sfpplus6,sfp-sfpplus7,sfp-sfpplus8,sfp-sfpplus9,sfp-sfpplus1\
0,sfp-sfpplus11,sfp-sfpplus12,sfp-sfpplus13,sfp-sfpplus14,sfp-sfpplus15,sfp-\
sfpplus16,ether1,bridge1" vlan-ids=1-4094
It works.
What concerns me, is quite scary number of LOCAL entries in “bridge host table”: 4094*(number of active ports).
So, my quesion is: am I doing it right ? 
P.S. Switch host table (/in eth sw host) looks right, and that’s where I’m actually looking for FDB information, when I need to (as Arturs Z. pointed out, switch host table and bridge host table are somewhat independent, even when all bridge ports are hw-offloaded). I’m just concerned about possible performance (and maybe stability) implications of my config…