Community discussions

MikroTik App
just joined
Topic Author
Posts: 7
Joined: Wed Feb 14, 2018 10:08 am

Mikrotik CRS106 hardware switching

Mon Apr 02, 2018 5:36 pm


I have a lab simulating following network:

L2 channel -> "ISP GW" -> "ISP SW (CRS106)" -> L2 channel

My goal is to get a dedicated L2 channel between GW and SW. On ISP GW side I have configured 4 different tagged VLAN-s(101-104) for 4 different clients. ISP GW is connected to ISP SW uplink. Switch strips the (101-104) vlan tag and sends the traffic to certain port meant for certain client. Everything works, when I pass untagged traffic through the L2 channel, but when tagged traffic is sent, switch seems to drop the traffic on the clients port.

Configuration is based on the standard CRS106 VLAN configuration:
/interface bridge
add name=bridge1 protocol-mode=none
/interface ethernet switch
set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports=sfp1,sfp2,sfp3,sfp4
/interface bridge port
add bridge=bridge1 interface=sfp1
add bridge=bridge1 interface=sfp2
add bridge=bridge1 interface=sfp3
add bridge=bridge1 interface=sfp4
add bridge=bridge1 interface=sfp5
/interface ethernet switch egress-vlan-tag
add tagged-ports=sfp5 vlan-id=101
add tagged-ports=sfp5 vlan-id=102
add tagged-ports=sfp5 vlan-id=103
add tagged-ports=sfp5 vlan-id=104
/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=101 ports=sfp1
add customer-vid=0 new-customer-vid=102 ports=sfp2
add customer-vid=0 new-customer-vid=103 ports=sfp3
add customer-vid=0 new-customer-vid=104 ports=sfp4
/interface ethernet switch vlan
add learn=no ports=sfp1,sfp5 vlan-id=101
add learn=no ports=sfp2,sfp5 vlan-id=102
add learn=no ports=sfp3,sfp5 vlan-id=103
add learn=no ports=sfp4,sfp5 vlan-id=104

I understand that problem lies in the parameters, that are marked as bold. I have tried to change these parameters, but can´t get the tagged traffic to flow. Is it possible to get the switch work in hardware offloading mode (switching done by hardware) and make it not care when tagged traffic is sent over the L2 channel? Can someone give me advice how to make it work? If random tagged vlans are sent through the L2 channel then the switch should only add/strip the 101-104 vlan tag which is encapsulating the random tag.
When using the software bridge solution everything works (tagged and untagged traffic flows) , but it gives the CPU a big hit:

/interface vlan
add interface=sfp5 name=sfp5-vlan101 vlan-id=101
add interface=sfp5 name=sfp5-vlan102 vlan-id=102
add interface=sfp5 name=sfp5-vlan103 vlan-id=103
add interface=sfp5 name=sfp5-vlan104 vlan-id=104
/interface bridge
add name=bridge-vlan101
add name=bridge-vlan102
add name=bridge-vlan103
add name=bridge-vlan104
add name=management
/interface bridge port
add bridge=bridge-vlan101 interface=sfp5-vlan101
add bridge=bridge-vlan101 interface=sfp1
add bridge=bridge-vlan102 interface=sfp5-vlan102
add bridge=bridge-vlan102 interface=sfp2
add bridge=bridge-vlan103 interface=sfp5-vlan103
add bridge=bridge-vlan103 interface=sfp3
add bridge=bridge-vlan104 interface=sfp5-vlan104
add bridge=bridge-vlan104 interface=sfp4

Thank you in advance!

Who is online

Users browsing this forum: biomesh, complex1 and 32 guests