Let say I put a server in a separate VLAN and give another VLAN with workstations access to the VLAN of the server (as a resource); workstations and server are connected to the same switch.

The initial connection is forwarded to the router since the client is on another VLAN, but stays the router in between after the connection is established?

Since the server would be connected to the switch over an 40G QSFP+ fiber connection and the router will be connected to the switch over a 10G SFP+ connection.
When the router stays in between for the inter-VLAN traffic, the bandwidth to the clients would then be limited to the 10Gb fiber connection and I will not utilize the full 40G QSFP+ connection from the switch to the server.

Router model: CCR1036-8G-2S+
Switch model: CRS354-48P-4S+2Q+RM

Switch is not planned to be using the L3 function.

I hope someone can enlighten me on this matter and off course assure me that inter-VLAN established & related is handled at layer 2 on the switch.

Thank you in advance for your input.

It depends on how exactly routing is configured. But if router is needed for connection establishment (e.g. because client and server are in different IP subnets), then router will be needed for all of packets. And if both IP subnets were using same L2 network (same VLAN or same physical LAN if VLANs are not used) all traffic still hits the router.

The reason: devices using IP networking assume that they can directly (well, on L2) connect to other devices in same IP subnet but they have to use gateway (i.e. router) to reach anywhere else.

CRS3xx will have L3 HW offloading in ROS v7 (currently in release candidate stage) where inter-VLAN routing will be offloaded to hardware switch chip and it will be possible to have wire-speed connections between devices in different VLANs/IP subnets. But for that, CRS3xx will have to be router for those subnets (configured as gateway ... either default or for specific target subnets).

Response is confusing.

If I have 20 devices connected to a smart switch all on the same vlan (and lets say the vlan is on several ports of the switch).
Connectivity BETWEEN DEVICES on the same vlan, behind the same switch would not have to use the router to pass traffic unless going out to the internet?
Dont switches do mac learning ..............

Response is confusing.

No, you're understanding OP's problem description in a too simplified way. He wrote:

Let say I put a server in a separate VLAN and give another VLAN with workstations access to the VLAN of the server (as a resource); workstations and server are connected to the same switch.

(The slanted text seems very confusing to me, there are number of meanings that might fall in this category and depending on particular way OP chose actual answer might change but probably not when using Mikrotik as switch).

Which to means OP has one VLAN for server and another VLAN for workstations. From switching point of view it doesn't matter that server and workstations are connected to the same switch, since they are in different VLANs they might as well have half of internet in between. Routing is involved and when routing is involved, all packets between same pair of computers have to be routed[*]. (One must not confuse switching and routing with fasttrack, fasttrack is a firewall feature, not routing/switching feature).
[*] routing can change during live connection if network topology changes ... but it's still routing, doesn't change the fact that both hosts have to use IP router as intermediate hop.

Got it thanks!!

CRS3xx will have L3 HW offloading in ROS v7 (currently in release candidate stage) where inter-VLAN routing will be offloaded to hardware switch chip and it will be possible to have wire-speed connections between devices in different VLANs/IP subnets.

Thanks for the relevant input Metod.

I've been looking into it.

For example:
https://help.mikrotik.com/docs/display/ ... onExamples
https://help.mikrotik.com/docs/display/ ... ngbyBridge

Also:
"We believe this "release candidate" version is pretty much ready for "stable" release on all devices. ..."
Source: posting.php?mode=quote&f=1&p=874190

I can't decide if it's worth the risk installing ROS v7 already and what the time frame will be for it to become stable, though.

Hi,

imho at this point is not worth a risk to go to ros v7, i think you should consider getting a decent L3 switch from other vendor specially if performance is a solid requirement from your environment, in some ISP setting you can get away with this but not in a busy enterprise environment.

if you bought the kit already try ros v7 there's no harm in trying, but seriously look elsewhere just my 0.2$

if you bought the kit already try ros v7 there's no harm in trying, but seriously look elsewhere just my 0.2$

Well both devices are already bought about 15 months ago and connected (to be able to configure them remotely), but not configured and in production.


I postponed the case since especially the switch had(/has?) issues and I wanted to give Mikrotik the time to solve it:
CRS354-48P-4S+2Q+ traffic problem on ports 1 to 8 | viewtopic.php?f=2&t=160561


At this point I can't postpone upgrading to newer hardware any longer.
I am not worried about the stability of the router thought; the switch however...

i think you should consider getting a decent L3 switch from other vendor

Any suggestions?

Thank you in advance for the input.