Tue Oct 19, 2021 4:58 pm
Close!
What is not clear to me is ether10.
In the majority of cases a Router to a Switch scenario port to carry vlans is a trunk port that carries all vlans.
You seem to be indicating that the SWITCH is expecting a HYBRID scenario and CAN handle incoming untagged info (main network) as well as several tagged vlans.
Lets go on that premise for case 1
Also You have an error in your config that needs to be fixed!
add bridge=bridge interface=ether4 hw=yes pvid=22
add bridge=bridge interface=ether4 hw=yes pvid=23
One cannot have ether 4 with two untagged vlans, an access port can only have one untagged set of traffic flowing in and out of the port.
Okay so some assumptions...........that ether4=22, ether5=23, ether6=24 and ether7=25 (to make up the five vlans).
CASE1: All ports are access ports except port 10 is a hybrid port. I would add ingress filtering and frame-types=admit-priority-and-untagged for all except ether10, but that is up to you.
/interface bridge port
add bridge=bridge interface=ether2 hw=yes pvid=20
add bridge=bridge interface=ether3 hw=yes pvid=21
add bridge=bridge interface=ether4 hw=yes pvid=22
add bridge=bridge interface=ether5 hw=yes pvid=23
add bridge=bridge interface=ether6 hw=yes pvid=24
add bridge=bridge interface=ether7 hw=yes pvid=29
add bridge=bridge interface=ether8 hw=yes pvid=20
add bridge=bridge interface=ether9 hw=yes pvid=20
add bridge=bridge interface=ether10 hw=yes pvid=20
add bridge=bridge interface=sfp hw=yes pvid=20
Now for the bridge vlans and there is two ways to config this, both valid.
/interface bridge vlan
add bridge=bridge untagged=ether2,ether8,ether9,ether10,sfp vlan-ids=20
add bridge=bridge untagged=ether3 tagged=bridge,ether10 vlan-ids=21
add bridge=bridge untagged=ether4 tagged=bridge,ether10vlan-ids=22
add bridge=bridge untagged=ether5 tagged=bridge,ether10 vlan-ids=23
add bridge=bridge untagged=ether6 tagged=bridge,ether10 vlan-ids=24
add bridge=bridge untagged=ether7 tagged=bridge,ether10 vlan-ids=29
OR
add bridge=bridge tagged=bridge,ether10 vlan-ids=21
add bridge=bridge tagged=bridge,ether10vlan-ids=22
add bridge=bridge tagged=bridge,ether10 vlan-ids=23
add bridge=bridge tagged=bridge,ether10 vlan-ids=24
add bridge=bridge tagged=bridge,ether10 vlan-ids=29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
If its the more common scenario that etherport 10 is a trunk port carrying all vlans tagged to the switch.
add bridge=bridge interface=ether2 hw=yes pvid=20
add bridge=bridge interface=ether3 hw=yes pvid=21
add bridge=bridge interface=ether4 hw=yes pvid=22
add bridge=bridge interface=ether5 hw=yes pvid=23
add bridge=bridge interface=ether6 hw=yes pvid=24
add bridge=bridge interface=ether7 hw=yes pvid=29
add bridge=bridge interface=ether8 hw=yes pvid=20
add bridge=bridge interface=ether9 hw=yes pvid=20
add bridge=bridge interface=ether10 {ingress filtering as well but also frame-types=admit-only-vlan-tagged}
add bridge=bridge interface=sfp hw=yes pvid=20
/interface bridge vlan
add bridge=bridge tagged=bridge,ether10 untagged=ether2,ether8,ether9,sfp vlan-ids=20
add bridge=bridge untagged=ether3 tagged=bridge,ether10 vlan-ids=21
add bridge=bridge untagged=ether4 tagged=bridge,ether10vlan-ids=22
add bridge=bridge untagged=ether5 tagged=bridge,ether10 vlan-ids=23
add bridge=bridge untagged=ether6 tagged=bridge,ether10 vlan-ids=24
add bridge=bridge untagged=ether7 tagged=bridge,ether10 vlan-ids=29
OR
add bridge=bridge tagged=bridge,ether10 vlan-ids=20
add bridge=bridge tagged=bridge,ether10 vlan-ids=21
add bridge=bridge tagged=bridge,ether10vlan-ids=22
add bridge=bridge tagged=bridge,ether10 vlan-ids=23
add bridge=bridge tagged=bridge,ether10 vlan-ids=24
add bridge=bridge tagged=bridge,ether10 vlan-ids=29