I followed the amazing PCUnite tutorial on VLANs viewtopic.php?p=706999 and I copied his config file examples but had to edit them and remove the interfaces that do not exist on my devices. (I suspect this is where I screwed up and will share my configs below)
I copied the configs to the respective router and used winbox to get into the RB750, selected reset configuration, checked the "No Default Configuration" and selected the router.rsc file to execute after reset. I did the same steps on the RB450G, but using the switch .rsc file.
When plugging the laptop into the router(RB750), I get the management VLAN ip assigned, I also created a Vlan interface on my laptop for each VLAN and I get an ip on all of my laptop's VLAN interfaces. The problem I have is that when plugging in the trunk cable(ether5->ether5) and then plugging my laptop into the ether2 of RB450G (vlanid=9), I do not get the DHCP address for the VLAN or the management IP.
RB450G switch config:
Code: Select all
/system identity set name="Switch"
/interface bridge add name=BR1 protocol-mode=none vlan-filtering=no
/interface bridge port
add bridge=BR1 interface=ether1 pvid=9
add bridge=BR1 interface=ether2 pvid=9
add bridge=BR1 interface=ether3 pvid=11
add bridge=BR1 interface=ether4 pvid=4
/interface bridge vlan
add bridge=BR1 untagged=ether1,ether2 vlan-ids=9
add bridge=BR1 untagged=ether3 vlan-ids=11
add bridge=BR1 untagged=ether4 vlan-ids=4
/interface bridge port
add bridge=BR1 interface=ether5
/interface bridge vlan
set bridge=BR1 tagged=ether5 [find vlan-ids=9]
set bridge=BR1 tagged=ether5 [find vlan-ids=11]
set bridge=BR1 tagged=ether5 [find vlan-ids=4]
add bridge=BR1 tagged=BR1,ether5 vlan-ids=99
/interface vlan add interface=BR1 name=BASE_VLAN vlan-id=99
/ip address add address=192.168.0.2/24 interface=BASE_VLAN
/ip route add distance=1 gateway=192.168.0.1
/interface bridge port
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged [find interface=ether1]
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged [find interface=ether2]
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged [find interface=ether3]
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-untagged-and-priority-tagged [find interface=ether4]
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-vlan-tagged [find interface=ether5]
/interface list add name=BASE
/interface list member add interface=BASE_VLAN list=BASE
/ip neighbor discovery-settings set discover-interface-list=BASE
/tool mac-server mac-winbox set allowed-interface-list=BASE
/tool mac-server set allowed-interface-list=BASE
/interface bridge set BR1 vlan-filtering=yesCode: Select all
/system identity set name="Router"
/interface bridge add name=BR1 protocol-mode=none vlan-filtering=no
/interface bridge port
add bridge=BR1 interface=ether2
add bridge=BR1 interface=ether3
add bridge=BR1 interface=ether4
add bridge=BR1 interface=ether5
/interface bridge vlan
add bridge=BR1 tagged=BR1,ether2,ether3,ether4,ether5 vlan-ids=9
add bridge=BR1 tagged=BR1,ether2,ether3,ether4,ether5 vlan-ids=11
add bridge=BR1 tagged=BR1,ether2,ether3,ether4,ether5 vlan-ids=4
add bridge=BR1 tagged=BR1,ether2,ether3,ether4,ether5 vlan-ids=99
/interface vlan add interface=BR1 name=BASE_VLAN vlan-id=99
/ip address add address=192.168.0.1/24 interface=BASE_VLAN
/ip dns set allow-remote-requests=yes servers="8.8.8.8"
/interface vlan add interface=BR1 name=VLAN9 vlan-id=9
/ip address add interface=VLAN9 address=10.0.9.1/24
/ip pool add name=VLAN9_Pool ranges=10.0.9.2-10.0.9.254
/ip dhcp-server add address-pool=VLAN9_Pool interface=VLAN9 name=VLAN9_DHCP disabled=no
/ip dhcp-server network add address=10.0.9.0/24 dns-server=192.168.0.1 gateway=10.0.9.1
/interface vlan add interface=BR1 name=GREEN_VLAN vlan-id=11
/ip address add interface=GREEN_VLAN address=10.0.11.1/24
/ip pool add name=GREEN_POOL ranges=10.0.11.2-10.0.11.254
/ip dhcp-server add address-pool=GREEN_POOL interface=GREEN_VLAN name=GREEN_DHCP disabled=no
/ip dhcp-server network add address=10.0.11.0/24 dns-server=192.168.0.1 gateway=10.0.11.1
/interface vlan add interface=BR1 name=VLAN_4 vlan-id=4
/ip address add interface=VLAN_4 address=10.0.30.1/24
/ip pool add name=VLAN_4_POOL ranges=10.0.30.2-10.0.30.254
/ip dhcp-server add address-pool=VLAN_4_POOL interface=VLAN_4 name=VLAN_4_DHCP disabled=no
/ip dhcp-server network add address=10.0.30.0/24 dns-server=192.168.0.1 gateway=10.0.30.1
# Optional: Create a DHCP instance for BASE_VLAN. Convenience feature for an admin.
/ip pool add name=BASE_POOL ranges=192.168.0.10-192.168.0.254
/ip dhcp-server add address-pool=BASE_POOL interface=BASE_VLAN name=BASE_DHCP disabled=no
/ip dhcp-server network add address=192.168.0.0/24 dns-server=192.168.0.1 gateway=192.168.0.1
/interface list add name=WAN
/interface list add name=VLAN
/interface list add name=BASE
/interface list member
add interface=ether1 list=WAN
add interface=BASE_VLAN list=VLAN
add interface=VLAN9 list=VLAN
add interface=GREEN_VLAN list=VLAN
add interface=VLAN_4 list=VLAN
add interface=BASE_VLAN list=BASE
/ip firewall filter
add chain=input action=accept connection-state=established,related comment="Allow Estab & Related"
add chain=input action=accept in-interface-list=VLAN comment="Allow VLAN"
add chain=input action=accept in-interface=BASE_VLAN comment="Allow Base_Vlan Full Access"
add chain=input action=drop comment="Drop"
add chain=forward action=accept connection-state=established,related comment="Allow Estab & Related"
add chain=forward action=accept connection-state=new in-interface-list=VLAN out-interface-list=WAN comment="VLAN Internet Access only"
add chain=forward action=drop comment="Drop"
/ip firewall nat add chain=srcnat action=masquerade out-interface-list=WAN comment="Default masquerade"
/interface bridge port
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-vlan-tagged [find interface=ether2]
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-vlan-tagged [find interface=ether3]
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-vlan-tagged [find interface=ether4]
set bridge=BR1 ingress-filtering=yes frame-types=admit-only-vlan-tagged [find interface=ether5]
/ip neighbor discovery-settings set discover-interface-list=BASE
/tool mac-server mac-winbox set allowed-interface-list=BASE
/tool mac-server set allowed-interface-list=BASE
/interface bridge set BR1 vlan-filtering=yes
