Community discussions

MikroTik App
 
User4011
newbie
Topic Author
Posts: 38
Joined: Tue Jun 29, 2021 12:36 am

Standlone(no switch attached) RB4011 VLAN config help

Wed Jul 07, 2021 8:25 pm

Hi all.

New to Mikrotik here. I have a standalone default config RB4011 (*no switch attached*). Impressive little hardware package for the price. The out-of-the-box set up for a new user was very nicely done and quite easy. Connected to ISP right away. All ethernet ports in the default bridge group connect, etc.

I've attempted to configure VLAN50 for a device on ether5 with the idea of eventually isolating traffic... No IP address would pull from the DHCP server. I started again with VLAN60 and ether6. Same results.

Looking at the Winbox Interface List->Interface tab, I see Tx on both ether6 and VLAN60, but no Rx(same result on VLAN50). Switch the PVID on the port back from 60 to 1 and an IP address from the bridge dhcp pool will be reacquired (same had occurred on VLAN50)

I must be missing something simple here. I have tried a number of different ways to get the VLAN working with no success.

anav states:
I personally use vlans for all subnets and the only thing the bridge does is bridging.
I'd prefer to employ this method.

You kind help would be greatly appreciated.
You do not have the required permissions to view the files attached to this post.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19099
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Standlone(no switch attached) RB4011 VLAN config help

Thu Jul 08, 2021 3:22 pm

(1) First read this reference viewtopic.php?f=23&t=143620

(2) Provide a network diagram showing

(3) State a complete set of requirements in terms of what you want users/devices to be able to do or NOT do, without any mention of config or solutions.

Do you have both ipv4 and ipv6 traffic?

Dont know why you dont put all vlans on the bridge?
 
User4011
newbie
Topic Author
Posts: 38
Joined: Tue Jun 29, 2021 12:36 am

Re: Standlone(no switch attached) RB4011 VLAN config help  [SOLVED]

Thu Jul 08, 2021 11:14 pm

Thanks for the quick response, anav.

1. I had been over this doc as well as several other howtos, config examples across the internet. I'm pretty sure I had gotten the VLAN config muddled during the course. I did, at one point, have a configuration that did include the/a bridge as a tagged port for the VLANs I was trying to create. Problem was, obviously, I had misconfiguration(s) at that point in time.

2. Very basic at the moment:

ISP modem->RB4011
Ether1: WAN
Ether2: Laptop on dock on default LAN. Wifi also used.
Ether3: Nighthawk wifi router. (currently just plugged in there doing NAT. It has AP mode available...). Will VLAN this as well, at some point.
2 laptops that will eventually need other resources
1 laptop that will need Internet Only
1 smart TVs that needs Internet Only (for the time being)
A couple smart phones need Internet Only


SOLUTION

Removing all vestiges of my attempts at those vlans, I adding VLAN50 and VLAN60 using the default bridge in the following manner.(Example below was for VLAN60. Some notes):
#Set physical interface pvid
/interface bridge port
set bridge=bridge interface=ether6 pvid=60
numbers: 3 ##<--the interface number listed by ROS can be seen with the "print" command
print #verify that ether6 has PVID 60

#L3 switching so Bridge must be a tagged member.  NOTE: because of warning "dynamic...
#cannot be set.  Had to use Winbox to add tagged entry to bridge interface, apply, remove tagged entry and apply,
#then the command succeeded.  Not the most refined solution, but it worked.
/interface bridge vlan
set bridge=bridge tagged=bridge [find vlan-ids=60]

#IP addressing
/interface vlan add interface=bridge name=VLAN60 vlan-id=60
/ip address add address=192.168.60.1/24 interface=VLAN60

#IP Services (DHCP to VLAN)
/ip pool add name=VLAN60 ranges=192.168.60.2-192.168.60.254
/ip dhcp-server add address-pool=VLAN60 interface=VLAN60 name=VLAN60 disabled=no
/ip dhcp-server network add address=192.168.60.0/24 gateway=192.168.60.1

Regarding IPv6,

I'm not really sure what I'm needing and what I'm not needing. Laptops and some devices have the IPv6 protocol running and addresses listed locally. Pretty sure I don't need to be running a dhcp6 server though.

Any input and recommendations are quite welcome.

Who is online

Users browsing this forum: Amazon [Bot], Valerio5000 and 43 guests