I've basically copy pasted that guide but can't get it to fly. I can get traffic to flow via different untagged ports but I can't get traffic to or from the VLAN interfaces, it's like they not connected to the bridge. So in the current setup devices connected to ether2 and ether3 doesn't get DHCP, and I see no request coming in to the corresponding VLAN interface.
Apritiate if anyone could give me a hand here.
Code: Select all
/interface bridge
add name=bridge1
/interface vlan
add interface=bridge1 name=VLAN10 vlan-id=10
add interface=bridge1 name=VLAN20 vlan-id=20
/interface ethernet switch port
set 1 default-vlan-id=10 vlan-header=always-strip vlan-mode=secure
set 2 default-vlan-id=20 vlan-header=always-strip vlan-mode=secure
set 5 vlan-mode=secure
/ip pool
add name=POOL10 ranges=192.168.10.100-192.168.10.200
add name=POOL20 ranges=192.168.20.100-192.168.20.200
/ip dhcp-server
add address-pool=POOL10 disabled=no interface=VLAN10 name=DHCP10
add address-pool=POOL20 disabled=no interface=VLAN20 name=DHCP20
/interface bridge port
add bridge=bridge1 interface=ether2
add bridge=bridge1 interface=ether3
/interface bridge settings
set use-ip-firewall-for-vlan=yes
/interface ethernet switch rule
add dst-address=192.168.20.0/24 new-dst-ports="" ports=ether2 switch=switch1
add dst-address=192.168.10.0/24 new-dst-ports="" ports=ether3 switch=switch1
/interface ethernet switch vlan
add ports=ether2,switch1-cpu switch=switch1 vlan-id=10
add ports=ether3,switch1-cpu switch=switch1 vlan-id=20
/ip address
add address=192.168.10.1/24 interface=VLAN10 network=192.168.10.0
add address=192.168.20.1/24 interface=VLAN20 network=192.168.20.0
/ip dhcp-client
add !dhcp-options disabled=no interface=ether1
/ip dhcp-server network
add address=192.168.10.0/24 dns-server=8.8.8.8 gateway=192.168.10.1
add address=192.168.20.0/24 dns-server=8.8.8.8 gateway=192.168.20.1
/ip firewall nat
add action=masquerade chain=srcnat out-interface=ether1