Page 1 of 1

Trunking bridged VLANS

Posted: Thu Apr 19, 2018 7:02 pm
by Spartacus
Hi everybody,
I am very new here and I have a RB3011 since one week. I am not very familar with this and I am trying to configure VLANS without success.

Here the speps I tried:
- setup a bridge (br01)
- setup a VLAN (vlan 10) binded to br01
- ether4 binded to br01
- setup a dhcp Server on br01
- setup a bridge (br02)
- setup a VLAN (vlan 20) binded to br02
- ether5 binded to br02
- setup a dhcp Server on br02

and now I come into issues. I do not understand how to trunk vlan10 and vlan20 trought SFP to my cisco switch so that I can use the vlans on the switch. I tried several configs but nothing works.

The problem i not the cisco switch, it is the configuartion on the mikrotik. If I add the vlans directly to the sfp and if i will configure a dhcp directly to the vlan interfaces, it works. Only the combination with bridges will not work and I do not now how to do this.

Can anybody help here? What is the keyword I have to search for, or does anybody has an example how this should be configured?

Thanks a lot,

Re: Trunking bridged VLANS

Posted: Fri Apr 20, 2018 5:25 pm
by Spartacus
it´s me again:

I think my problem is to find the right approch and I am asking for support:
I red several howtos and wikis but I did not find the right way. I am runnung OS6.42 on my RB3011.

I am not sure if it is correct to manage all the ports (physical and virtual) over a bridge. I tried to put the vlans into one bridge and gave each vlan a separate dhcp server, but this causes other issues:
A client which former run in vlan10 will get an ip address from vlan 10, although it is currently
connected to vlan20. And, all devices in vlan10 can ping devices in vlan 20 and the other way around!
This seems to be a suspicious and I do not understand what is going

I do not have a running config at the moment, but maybe someone can help with an example.

The "master" question is:
How can I trunk the vlans from two bridges:

br1: ether2, vlan10, dhcp:
br2: ether3, vlan20, dhcp:

througt the SFP port to my cisco devices.

Thanks in advanced,

Re: Trunking bridged VLANS

Posted: Fri Apr 20, 2018 6:20 pm
by artz
Please don't put VLAN interfaces in a bridge with a physical interface, that is known to cause issues: ... _interface

You should follow this guide for RB3011 to achieve wirespeed VLAN switching performance: ... s_Ports.29

Re: Trunking bridged VLANS

Posted: Fri Apr 20, 2018 11:25 pm
by Spartacus
thanks for your support! I will try the example after my business trip during next week!

Re: Trunking bridged VLANS

Posted: Mon Apr 23, 2018 6:39 pm
by Spartacus
I checked the guide below but this does not work for me because I cannot add sfp1 as trunk port. Seems to be that only ether1 to ether10 are available in the switch config!
/interface ethernet switch vlan
add ports=sfp1,ether3 switch=switch1 vlan-id=200
add ports=sfp1,ether4 switch=switch1 vlan-id=300
add ports=sfp1,ether5 switch=switch1 vlan-id=400
Does anybody has an idea?

Re: Trunking bridged VLANS

Posted: Mon Apr 23, 2018 7:57 pm
by Spartacus
puuh, it looks like that RB3011 doesn´t support this feature for SFP1 anymore! The older RB2011 does! Is it correct?
Does anyone knows how I can manage this? I have to use SFP as the trunk-port for the connection to my Cisco switch.


Re: Trunking bridged VLANS

Posted: Tue Apr 24, 2018 1:03 pm
by Spartacus
noone an idea to go foeward with this?

Re: Trunking bridged VLANS

Posted: Wed Apr 25, 2018 3:48 pm
by Spartacus
ok, I found a way but I am not sure if this is the best approach!

add 5 VLANS on sfp1
  • vlan1
  • vlan10...vlan50
add 5 bridges
  • br-admin
add port to bridge
  • ether2 to br-amin
  • vlan1 to br-admin
  • ether4 to br-vlan10
  • ether5 to br-vlan10
  • ether9 to br-vlan20
  • ether10 to br-vlan20
  • vlan10 to br-vlan10
  • vlan20 to br-vlan20
  • vlan30 to br-vlan30
  • vlan40 to br-vlan40
  • vlan50 to br-vlan50
add networks
  • to br-admin
  • to br-vlan10
  • to br-vlan50
add dhcp server and pool
  • dhcp-admin on br-admin
  • dhcp-vlan10 on br-vlan10
  • dhcp-vlan50 on br-vlan50
Cisco Switch is connected via SFP1 and vlans are available on the switches.

It seems to be working but as i mentioned, I am not sure if this is the best configuration.
Next step would be to connect the VLANS to the internet over ether1 and to route between some vlans.

Can someone check my way, or is there a more efficient way?

Re: Trunking bridged VLANS

Posted: Wed Apr 25, 2018 5:55 pm
by anavds
I am thinking of using VLANS as well but my prior knowledge is not helping.
I always understood that VLANS are not an entity to itself. One cannot just create VLANs.
Virtual means its actually using a host somewhere of some sort.
In this case AN EXISTING LAN is being used or being piggybacked by a VLAN structure.

So I would suspect the following is required.
Ether1 - WAN
Ether2 - Bridge 1 (standard LAN)
Ether3 - member of Bridge 1 (standard LAN)
Ether4 - Bridge 2 (Secondary LAN)
Ether5 - member of Bridge 2 (secondary LAN)

Each Bridge has its own DHCP service
Bridge1 etc.
Bridge 2 etc

Now I can choose which VLANS I create and which HOST LANS they will use to symbiotically piggyback on.
This is the step I do not know how to identify (easy with current router which has a specific selection for host LAN).

Create VLANS and associated VLAN networks with associated DHPC service.
VLAN10 - DHCP etc

Assign VLANS to LAN of choice etc....... HOW???

Lets say using VLAN10 and 30 over Standard LAN
Lets say using VLAN20 and 40 over Secondary LAN.

How do I setup up interfaces or identify them as specific types of ports (trunk or not)???

Re: Trunking bridged VLANS

Posted: Wed May 02, 2018 7:47 pm
by AutoEmocion
1 set up a new bridge "sfp1-trunk"
2 go to interface vlan and create Vlans "sfp1-vlan10" vlan id 10 interface sfp1-trunk.
3 repeat step 2 for vlan20
4 create bridges "vlan10 bridge" and "vlan20 bridge"
5 add physical ports (ether to 10) to the respective vlanxx bridges
6 assign IP address to the vlanxx bridges
7 add "sfp1-vlan10" to "vlan10 bridge & "sfp1-vlan20" to "vlan20 bridge"
8 add port sfp1 to "spf1-trunk"

U should be able to get the vlan trunk on the sfp1 to your Cisco now.

Sent from my SM-N9005 using Tapatalk