Community discussions

MikroTik App
 
max524
just joined
Topic Author
Posts: 3
Joined: Tue Oct 14, 2014 1:03 pm

Configuration VLAN on Cloud Router Switch

Tue Oct 21, 2014 12:40 pm

Hi,

I've a problem with the configuration of Mikrotik Cloud Router Switch

On port 24: WAN 1
on port 23: WAN 2
on port 17 : VLAN 3
on port 16 : VLAN 1
on port 15 : VLAN 2
On port 19 : VLAN 1, VLAN 2, VLAN 3

When i plug my laptop on port 15 : dhcp server give IP address from vlan 2
When i plug my laptop on port 16 : dhcp server give IP address from vlan 1
When i plug my laptop on port 17 : dhcp server give IP address from vlan 3
When i plug my laptop on port 19 : dhcp server give IP address from vlan 1 only, and no IP addresses is given from vlan 2 and vlan 3 :(

1) How can I do for the port 19 broadcast all VLANS?

2) I've 2 WAN (WAN 1 and WAN 2)
I want VLAN 1 and VLAN 2 use first WAN 1 (and WAN 2 is spare on theses vlan)
I want VLAN 3 use first WAN 2 (and WAN 1 is spare on this vlan)
=> How can I do?

Thanks for your answer with my problem on the conf

I post my current conf, like this, maybe you can help me to fix the conf:
/interface bridge
add mtu=1500 name=BR-VLAN-2 protocol-mode=none
add mtu=1500 name=BR-VLAN-1 protocol-mode=none
add mtu=1500 name=BR-VLAN-3 protocol-mode=none
/interface ethernet
set [ find default-name=ether24 ] name=WAN-2
set [ find default-name=ether15 ] name=vlan2-ETH15
set [ find default-name=ether19 ] name=ETH19
set [ find default-name=ether16 ] name=vlan1-ETH16
set [ find default-name=ether23 ] name=WNA-1
set [ find default-name=ether17 ] name=vlan3-ETH17
set [ find default-name=ether1 ] name=ether1-master-local
set [ find default-name=ether2 ] master-port=ether1-master-local name=ether2-slave-local
set [ find default-name=ether3 ] master-port=ether1-master-local name=ether3-slave-local
set [ find default-name=ether4 ] master-port=ether1-master-local name=ether4-slave-local
set [ find default-name=ether5 ] master-port=ether1-master-local name=ether5-slave-local
set [ find default-name=ether6 ] master-port=ether1-master-local name=ether6-slave-local
set [ find default-name=ether7 ] master-port=ether1-master-local name=ether7-slave-local
set [ find default-name=ether8 ] master-port=ether1-master-local name=ether8-slave-local
set [ find default-name=ether9 ] master-port=ether1-master-local name=ether9-slave-local
set [ find default-name=ether10 ] master-port=ether1-master-local name=ether10-slave-local
set [ find default-name=ether11 ] master-port=ether1-master-local name=ether11-slave-local
set [ find default-name=ether12 ] master-port=ether1-master-local name=ether12-slave-local
set [ find default-name=ether13 ] master-port=ether1-master-local name=ether13-slave-local
set [ find default-name=ether14 ] master-port=ether1-master-local name=ether14-slave-local
set [ find default-name=ether18 ] master-port=ether1-master-local name=ether18-slave-local
set [ find default-name=ether20 ] master-port=ether1-master-local name=ether20-slave-local
set [ find default-name=ether21 ] master-port=ether1-master-local name=ether21-slave-local
set [ find default-name=ether22 ] master-port=ether1-master-local name=ether22-slave-local
set [ find default-name=sfp1 ] master-port=ether1-master-local name=sfp1-slave-local
/ip neighbor discovery
set WAN-2 discover=no
set WNA-1 discover=no
/interface vlan
add interface=ETH19 l2mtu=1584 name=VLAN-2-ETH19 vlan-id=20
add interface=ETH19 l2mtu=1584 name=VLAN-1-ETH19 vlan-id=10
add interface=ETH19 l2mtu=1584 name=VLAN-3-ETH19 vlan-id=30
/interface ethernet switch
set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports=\
    ETH19,vlan-2-ETH15,vlan-3-ETH17,wan-2,wan-1
/ip dhcp-server option
add code=43 name=unify value=0x0104BCA5C147
/ip pool
add name=DHCP_POOL_vlan1 ranges=10.10.1.1-10.10.250.254
add name=DHCP_POOL_vlan3 ranges=10.30.1.1-10.30.250.254
add name=DHCP_POOL_vlan2 ranges=10.20.1.1-10.20.250.254
/ip dhcp-server
add address-pool=DHCP_POOL_vlan1 disabled=no interface=BR-VLAN-1 lease-time=3d name=dhcp1
add address-pool=DHCP_POOL_vlan2 disabled=no interface=BR-VLAN-2 lease-time=3d name=dhcp2
add address-pool=DHCP_POOL_vlan3 disabled=no interface=BR-VLAN-3 lease-time=3d name=dhcp3
/port
set 0 name=serial0
/system logging action
set 2 remember=yes
/interface bridge port
add bridge=BR-VLAN-1 interface=vlan1-ETH16
add bridge=BR-VLAN-1 interface=ETH19
add bridge=BR-VLAN-2 interface=vlan2-ETH15
add bridge=BR-VLAN-3 interface=vlan3-ETH17
/interface ethernet switch egress-vlan-tag
add tagged-ports=vlan2-ETH15,ETH19 vlan-id=20
add tagged-ports=vlan1-ETH16,ETH19 vlan-id=10
add tagged-ports=vlan3-ETH17,ETH19 vlan-id=30
add tagged-ports=ETH19,wan-2 vlan-id=31
add tagged-ports=ETH19,wan-1 vlan-id=21
/interface ethernet switch vlan
add ports=vlan1-ETH16,ETH19 vlan-id=10
add ports=vlan2-ETH15,ETH19 vlan-id=20
add ports=vlan3-ETH17,ETH19 vlan-id=30
add ports=ETH19,wan-1 vlan-id=21
add ports=ETH19,wan-2 vlan-id=31
/ip address
add address=192.168.88.1/24 comment="default configuration" interface=ether1-master-local network=\
    192.168.88.0
add address=10.20.255.254/16 interface=BR-VLAN-2 network=10.20.0.0
add address=10.10.255.254/16 interface=BR-VLAN-1 network=10.10.0.0
add address=10.30.255.254/16 interface=BR-VLAN-3 network=10.30.0.0
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no interface=Wan-2
add default-route-distance=0 dhcp-options=hostname,clientid disabled=no interface=Wan-1
/ip dhcp-server network
add address=10.10.0.0/16 dhcp-option=unify dns-server=10.10.255.254,37.187.31.85,8.8.8.8 gateway=\
    10.10.255.254
add address=10.20.0.0/16 dhcp-option=unify dns-server=10.20.255.254,37.187.31.85,8.8.8.8 gateway=\
    10.20.255.254
add address=10.30.0.0/16 dhcp-option=unify dns-server=10.30.255.254,37.187.31.85,8.8.8.8 gateway=\
    10.30.255.254
/ip firewall filter
add chain=forward disabled=yes protocol=tcp src-port=5006
add chain=input connection-state=established log=yes
add chain=input connection-state=related log=yes
add action=drop chain=input in-interface=wan-1 log=yes
add chain=forward connection-state=established log=yes
add chain=forward connection-state=related log=yes
add action=drop chain=forward connection-state=invalid log=yes
/ip firewall mangle
add action=mark-routing chain=prerouting log=yes new-routing-mark=1 src-address=10.10.0.0/16
add action=mark-routing chain=prerouting log=yes new-routing-mark=2 src-address=10.20.0.0/16
add action=mark-routing chain=prerouting log=yes new-routing-mark=3 src-address=10.30.0.0/16
/ip firewall nat
add action=dst-nat chain=dstnat dst-port=5006 protocol=tcp to-addresses=10.20.0.250 to-ports=5006
add action=masquerade chain=srcnat disabled=yes out-interface=wan-1 src-address=\
    10.10.0.0/16
add action=masquerade chain=srcnat disabled=yes out-interface=wan-1 src-address=\
    10.20.0.0/16
add action=masquerade chain=srcnat disabled=yes out-interface=wan-2 src-address=\
    10.30.0.0/16
/ip route
add check-gateway=ping disabled=yes distance=1 gateway=192.168.1.254 routing-mark=vlan-2
add check-gateway=ping disabled=yes distance=1 gateway=172.16.114.1 routing-mark=wan-1
add check-gateway=ping distance=1 gateway=192.168.1.254 routing-mark=wan-2
add check-gateway=ping disabled=yes distance=2 gateway=172.16.114.1 routing-mark=wan-2
/ip upnp
set allow-disable-external-interface=no
/snmp
set trap-community=public

Thank you for answer.
 
flipk12
newbie
Posts: 35
Joined: Mon Oct 06, 2014 5:49 pm
Location: Asturias/Spain

Re: Configuration VLAN on Cloud Router Switch

Wed Oct 22, 2014 12:48 am

The laptop will only see the default vlan of the interface becase is not a vlan capable device.
To choose the gateway you have to mark the connections with a mangle chain and choose the correct route using the mark. Yo will need 4 routes, 2 for each interface one using the mark an the other without it. Put less distance on the routes that check the mark.
You have to define the vlan interfaces on the master port and you'll only need to use one brige for the ap.
At least two forward chains that allows outgoing traffic, one for each wan port.
Two masquerade chains, there is no need to use three.

Who is online

Users browsing this forum: No registered users and 55 guests