Community discussions

MikroTik App
 
ITGG
just joined
Topic Author
Posts: 4
Joined: Thu Nov 17, 2022 8:21 am

Need help with an CRS326 connected to an USW-Pro-Aggregation

Thu Dec 15, 2022 2:22 pm

Hello everybody,

this is my first post in this forum. Also I'm new to MT too.
Please excuse my horrible english skills.

I need help to configure a "CRS326-24G-2S+" with V-Lan.

The CRS326 should communicate over sfp2 wit an "Unifi Aggregation Switch Pro" on Port 19.

I would like to create 3 V-Lan on those ports:
V-Lan-ID 10 > 192.168.100.XXX > Port 17 - 22 > Untagged
V-Lan-ID 30 > 192.168.095.XXX > Port 09 - 16 > Untagged
V-Lan-ID 50 > 192.168.050.XXX > Port 01 - 08 > Untagged

sfp1: BACKUP Uplink to "Unifi" (Cold-Standby)
sfp2: Uplink to "Unifi"

The MT needs no static IP, because it's a test switch laying on my benchdesk.

If a device get connected on port 01 - 22 it should get an ip-adress via dhcp.

Informations:
The MT is powered by RouterOS 6.49.7

On the Unifi Port19 is configured as Uplink. The same configuration as on port19, connects various servers and HPE Aruba 1930 switches, with the same V-Lan ID's with the usw-pro-aggregation.
They work all. So it can only be the configuration on the CRS326.

I tried various configurations but nothing seems to work. I followed exactly the new configuration guide on this website. (switch.rsc | viewtopic.php?t=143620)
See my latest config (CRS326-config.txt) attched on the thread.

I beg you to help me configure this switch, before i get insane after two months of hopeless configuration.
You do not have the required permissions to view the files attached to this post.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: Need help with an CRS326 connected to an USW-Pro-Aggregation

Thu Dec 15, 2022 2:33 pm

In which way exactly does things break for you? If your management access breaks ... then it's because you're setting BR1interface as tagged member of "default" VLAN (VID = 1) while corresponding (untagged) interface doesn't exist (and even winbox can't talk to ROS without appropriate untagged interface). You can get a suitable interface by running
/interface vlan add name=vlan1 interface=BR1 vlan-id=1
Or you can leave BR1 port untagged (by not adding it as tagged member of VID 1 ... setting of pvid=1 on all bridge ports, including BR1, is implicit default). More on various bridge personalities.

The configuration commands from attached file seem fine. Now please also post exact configuration after the commands are applied ... execute /export file=anynameyouwish, fetch file to admin computer, obfuscate any sensitive data (using any text editor) and copy-paste contents here.
 
ITGG
just joined
Topic Author
Posts: 4
Joined: Thu Nov 17, 2022 8:21 am

Re: Need help with an CRS326 connected to an USW-Pro-Aggregation

Thu Dec 15, 2022 3:05 pm

Hey mkx,

thanks for your fast reply. After applying my configuration i can access the switch via winbox on port 23 and 24 (not configured). That's not the problem. The problem I've, is that my notebook or any device connected to an access port on the switch, gets no ip. But it should get an ip via dhcp within the v-lan ip-range from our firewall.

I've uploaded the configuration of the switch after applying the commands from my attechment "crs326-configuration".
You do not have the required permissions to view the files attached to this post.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: Need help with an CRS326 connected to an USW-Pro-Aggregation

Thu Dec 15, 2022 3:16 pm

Well, the posted export shows only config for ether ports, the rest is missing:
  1. none config for trunk ports sfp1 and sfp2
    I'm not sure why adding sfp1 and sfp2 ports to bridge fails, but most probably because their names are sfp-sfpplus1 and sfp-sfpplus2. You have to verify what are exact names of these two interfaces. Same for commands setting VLAN properties of these two bridge ports.
  2. no config for tagged VLANs
    You can't use "set" constructs if there are not corresponding entries already existing, you have to use "add". E.g. /interface bridge vlan add bridge=BR1 tagged=sfp-sfpplus1,sfp-sfpplus2 vlan-ids=10 (again, use correct names for these two interfaces). And similarly for VLAN IDs 30 and 50
  3. my consideration about using VLAN 1 tagged remains. Possibly you should not use it tagged at all, not even on "trunk" interfaces towards USW ... but that depends on how exactly is USW configured (is it explicitly configured for tagged VLAN 1?).
 
ITGG
just joined
Topic Author
Posts: 4
Joined: Thu Nov 17, 2022 8:21 am

Re: Need help with an CRS326 connected to an USW-Pro-Aggregation

Thu Dec 15, 2022 3:48 pm

So,

I've updatet my configuration to hopefully match or suggestion(see "crs326-config-1.txt and "crs326-running-config-1.txt") but still no success.
I'll try it again and remove the tagg's for V-Lan "1".
You do not have the required permissions to view the files attached to this post.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11433
Joined: Thu Mar 03, 2016 10:23 pm

Re: Need help with an CRS326 connected to an USW-Pro-Aggregation  [SOLVED]

Thu Dec 15, 2022 4:22 pm

Latest config creates "switch group" of untagged ports ether1-ether8 and sfp+ 1 and 2 tagged with VID 50. Similarly it creates "switch group" of untagged ports ether9-ether16 (plus tagged sfp+ ports) with VID 30 and "switch group" of untagged ports ether17-22 (plus tagged sfp+ ports) with VID 10. Also sfp+ ports seem to be correctly set as tagged members of relevant VLANs (untagged ports are made members of corresponding VLANs automatically due to pvid setting).

Which means that PC, connected to e.g. ether1, should be able to communicate to DHCP server (on USW), handling VLAN 50. If USW is configured correctly (that part of configuration was not mentioned yet).
You can test basic configuration by using two machines with statically configured network settings. Connect them to same "switch group" and see if traffic flows. Then connect them to different "switch groups", e.g. one to ether1 and the other to ether9 and try again (traffic should not flow unless uplink to USW actually works).

As to VLAN 1 ... it really depends what you need to do with it ... is it supposed to be used for management access to switch? There's no other use for it on CRS, only sfp+ ports are members and those are supposed to be used in active-standby configuration so CRS is not supposed to switch traffic between the two.

BTW, you may want to configure sfp+ ports as links of bond. Any bond mode will offer link redundancy (if one link fails, all the traffic will flow via the remaining links), most of them also offer load balance (different modes behave differently in this aspect, depending on particular traffic patterns it may happen that some bond modes won't do any load balancing). But both link partners (CRS and USW) have to support same bond mode, otherwise the link might fail. CRS can do bonding in hardware but only with certain bond modes.
Last edited by mkx on Thu Dec 15, 2022 4:31 pm, edited 1 time in total.
 
ITGG
just joined
Topic Author
Posts: 4
Joined: Thu Nov 17, 2022 8:21 am

Re: Need help with an CRS326 connected to an USW-Pro-Aggregation

Thu Dec 15, 2022 4:26 pm

Okay,

you were right mkx. Not tagging/ adding V-Lan "1" solve the problem for me. Now everything works just fine.
I don't now exactly why its working now by not adding vlan "1" but I'm not complaining. Perhaps because vlan "1" is default for MT or it was a redundancy/ collison with the port config of my unfi switch.

Load balancing is a little op for my test-benchdesk.

For everyone who've the same or a similar problem, I attached the configuration that worked for me (crs326-working-vlan-config.txt).

Thanks very much for your help mkx.
You do not have the required permissions to view the files attached to this post.

Who is online

Users browsing this forum: No registered users and 43 guests