Mon Jun 22, 2020 9:53 pm

RB3011 and VLAN-filtering

Mon Jun 22, 2020 10:25 pm

Hello guys,

I‘m new to the world of RouterOS and already very happy....but.... I just can’t figure this out

I’ve understood that there are three ways to “VLAN” after the Update of RouterOS some time ago (6.4...).
-Software (CPU)
-Hardware (Switch-chip)
-Bridge (can be HW-Offload or CPU)

Here’s my Situation:
1) ISP -> Mikrotik ->creating 2VLANs with DHCP-Servers and addresses...->using 4 trunk-ports to get to my Switches (802q-VLAN ).

2) incoming second ISP that already has an DHCP-Server.
I need to get this LAN to a VLAN and send them as trunk on the same 4 trunk-ports as mentioned in 1).
Also: but later!: I want to keep the option to firewall my way to the NAS that ist on ISP.

I thought:
-DHCP-Client for ISP
-create Bridge
-give the bridge ports 2-5 (1 is ISP and not In the bridge)
-create Bridge-VLANs
-create address / pool / DHCP for VLANs - NAT (masquerade)
-enable Hardware-Offloading

It works fine until I turn on VLAN-filtering of the bridge. Then HW-Offload is not working any more.
The RB3011 is capable of that?
It would be perfect to have that speed away from the CPU.

- for 2) how do I manage that ?
I found out that it works when the ISP of 2) is already VLAN-tagged because then I can just add the incoming port to the bridge and add that VLAN with addresses and
ports that it works....but this is stupid i think.
This Router is so powerful but I need a cheap switch to tag that....
I thought about using the switch-Chips for that...cause I don’t need to add addresses or an DHCP....I just need to tag the incoming Traffic and distribute it to vlans on the same ports as 1).

Is it possible to tag ingress traffic?
I’ve read a lot about the VLAN-Header and VLAN-Mode as well as Default-ID....but seems to be wrong.

Thanks a lot!
I’ve searched all around but haven’t found a rookie-understandable Solution yet. :(

Best regards,

