Community discussions

MikroTik App
just joined
Topic Author
Posts: 1
Joined: Mon Sep 07, 2020 12:23 am

SwOS and SwOS Lite VLAN setup to pass two WANs and LAN through single fibre

Tue Jul 20, 2021 12:15 pm

I'm lucky enough to have two gigabit WAN connections (primary and failover). These both have their modems in my living room. From the living room there's single-core OS2 fibre installed to where my rack is. I'm trying to get VLANs working so I can have both WANs and LAN connectivity pass through a single fibre connection. However, this is causing trouble.

I have a CSS610 in the living room and a CSS326 in the rack, with the fibre connecting the two. I've set port 1 on the CSS610 for WAN 1 (VLAN31), and port 2 on the CSS610 for WAN 2 (VLAN 32). Ports 3-8 are set as standard untagged VLAN 1, with the SFP+ port which has the optic being a member of VLANs 31 and 32, but having a default VLAN ID of 1.

The CSS326 has ports 23 set for WAN 1 (VLAN31), and 24 set for WAN 2 (VLAN32), so I can plug those directly into pfsense. The SFP+ port with the optic is also a member of VLAN 31 and 32 but has default VLAN ID of 1.

The setup should look a bit like this (noting that I also need LAN on the CSS612 for a ATA adapter and computer (not drawn) in the living room:
Screenshot 2021-07-19 at 22.26.59.png
This setup works intermittently, so sometimes pfsense can pull a WAN IP for both interfaces, then randomly drops it and no amount of forcing DHCP release/renew fixes it. The switch randomly got given a WAN IP before too. The PD-delivered IPv6 from WAN 1 also isn't pulled by pfsense. If I connect the fibre to a media converter on each end, it works perfectly and I can get IPv6. But this means I can't have WAN 2 and LAN on the same fibre.

I think I've incorrectly configured VLANs on both switches so would appreciate any guidance. How do I essentially get port 1 of the CSS610 to transparently output to port 23 of the CSS326, same with port 24 as if there's no switch there, AND have a LAN connection on untagged VLAN on the remaining ports? Is this even possible - and if so, what settings do I need here?

Config screenshots are in the attachments. To note I also posted this on reddit but thought the MT forum will likely be better. Thanks in advance for any guidance!
You do not have the required permissions to view the files attached to this post.
just joined
Posts: 23
Joined: Mon Aug 19, 2019 3:06 pm

Re: SwOS and SwOS Lite VLAN setup to pass two WANs and LAN through single fibre

Wed Jul 21, 2021 3:29 pm

The 1st thing that you need to do is make sure that you have on the CSS610 the latest version of SwOS Lite, any version before 2.13 was really bad, I recommend going with the 2.14 (latest one).
on vlan ports configuration tab, change on the ports towards the modem's the vlan receive to "only untagged" and disable the "force vlan ID" you should do the same on the pfSense side.

Who is online

Users browsing this forum: No registered users and 6 guests