I am trying to set up a very basic lab environment and have followed the excellent document available at link below, but any of the ports assigned to the VLANs are not working. Test laptop connected to these ports does not get dhcp IP address. If I connect it to a port (ether9) that is set up with PVID 1, then it gets IP address from this native vlan scope (labeled Mgmt). I am running 6.47.3 code.
Your VLAN interfaces (Staff,Guest) are technically attached to the Bridge1, therefore bridge interface must be considered as a trunk/tagged port and transfer tagged frames.
In addition, your IP address 10.10.100.254/24 shouldn’t be attached to Ether2, instead, it should be attached to Bridge1, because your dhcp-server for Mgmt pool is attached to the Bridge1 as well. At the moment, it works just by accident, because Ether2 is slave to Bridge1, therefore RouterOS automatically move the IP from slave to master interface (dang, are we still allowed to use this master-slave terminology?)
Finally, I am missing /ip dhcp-server networks , but I guess you have it set up right, just did not copy it into this export (because without that, even your ether9 wouldn’t give you address)
Thank you so much vecernik87. Yes your diagnosis is right to the point. I can now get dhcp IP addresses on both untagged vlan ports. And yes, I missed including the ip dhcp-server networks. It is there in the config.
I believe the URL that I referred to, did not include tagging on the bridge interface itself and I simply followed that document. Hopefully that document can be improved.
I will also assume that they should automatically set pvid to be the same as untagged vlan ID set up on the port. I am not sure the use case of PVID / native vlan in an access / edge port. If an edge port has been set up as untagged member of a VLAN, it should use that ID to tag any incoming traffic into that port and strip away the tag leaving that port.
I have another question. First I had all these ports bridged with no pvid defined ( so it was 1). I tried to edit the configuration by something like:
interface bridge port
set interface=ether3 pvid=72
it will then prompt for number:, which I had no idea, so I simply hit enter and nothing then changes. I then looked at the document and it simply had command
interface bridge port set ether3 pvid=72 but that also did not work.
What will be the correct CLI to edit an existing configuration to append or change something like a PVID?
I ended up changing that thru GUI and then it took effect.
Thanks again for your very prompt help and support. Stay healthy and God bless you and yours.
And appreciate anav also for looking into my post. I should have included full configuration as you never know. But setting up VLANs on RouterOS seems to be convoluted. But once you know the process, it is then simple to repeat it. Thanks again and keep doing good work.
By the way, it looks like in presence of a pool / range defined for each dhcp scope, dhcp-server network is redundant. I only had it for Mgmt network as that was added as part of the initial wizard setup. The other two scopes I added by defining the pools and then made use of those pools when I defined the dhcp scopes. These scopes thus don’t have the network section.
On further checking, I did find that I missed a step to add the networks, which includes the gateway IP for that vlan. So ip dhcp-server networks stanza is in fact required.
re. your second question: When working with /interface bridge port , each row has its own number as a unique indentifier (if you know SQL, imagine it as a primary key in the DB). Then, each row has parameters (e.g. interface, pvid etc..). Your command actually said that you want to set interface to Ether3 and PVID to 72, however, it did not define which row (number) you want to modify. In theory, the syntax as it is written would modify all your entries (and break your config) but fortunately RouterOS is too smart to do that.
There are two ways to approach it:
You may firstly find out the number with /interface bridge port print (notice the first column) and then use the number in your command /interface bridge port set 2 pvid=72(number 2 is an example, you may have it under different number)
You may use “find” command, for example: /interface bridge port set pvid=72 [find interface=ether3]
You don’t need to set your interface again if you are just changing PVID. It just increases risk you will change it to something else accidentally
Glad its working now!!
Yes, its amazing how many times there are multiple errors, not just vlan filtering specific errors, in config and
firewall rules that get in the way, so to quickly/efficiently provide accurate help the full config is beneficial.