Community discussions

MikroTik App
 
corthezz
just joined
Topic Author
Posts: 4
Joined: Fri Jan 17, 2020 11:20 pm
Location: Galanta

RouterOS+SwOS+VLAN+CRS326-24S+2Q+RM=LOOP please help

Sat Jan 18, 2020 10:35 pm

Hey guys, please try to take a look on my case, because i dont really know where the problem can be. I have 2 CCR1036 routers (R1, R2) with latest RouterOS and one new Switch CRS326-24S+2Q+RM with Switch OS 2.10 (SW1). When the CRS is in RouterOS everything work like a charm, but i need the full potential of the HW and i cant get it work them together with SwOS....

1. the SW1 is in factory default SwOS 2.10
2. the R1(sfp2) is connected with R2(sfp4)
3. interface R1(sfp2) is not in bridge. its a standalone port with IP. This port have the VLAN202 on it and its in bridge with other ports
4. interface R2(sfp4) is in bridge with other ports in R2 and have the VLAN202 on it
5. R2(sfp+1) and SW1(sfp+5) is connected to each other with 10G gbic
6. the R2(sfp+1) port is standalone port NOT! in bridge with other ports and not have any IP on it but this port have the VLAN202 on it
7. on R2 there is a trunk-bridge connecting the VLAN202 between R2(sfp4) and R2(sfp+1)
8. The SW1 is in factory default and have only ONE port connected (Sfp+5)
9. And now the problem: when I connect the SW1(sfp+5) I immediatelly get LOOP on R1 - WHY?

diagram is attached, thank you guys... :)
You do not have the required permissions to view the files attached to this post.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: RouterOS+SwOS+VLAN+CRS326-24S+2Q+RM=LOOP please help

Mon Jan 20, 2020 3:01 pm

Slightly OT, but ...

When the CRS is in RouterOS everything work like a charm, but i need the full potential of the HW and i cant get it work them together with SwOS....

CRS running ROS can unleash full HW power ... it just needs to be configured properly - using single bridge with vlan-filtering enabled. As described in this tutorial. Which is pretty different than the way you have your CCRs right now judging from the description ...
 
corthezz
just joined
Topic Author
Posts: 4
Joined: Fri Jan 17, 2020 11:20 pm
Location: Galanta

Re: RouterOS+SwOS+VLAN+CRS326-24S+2Q+RM=LOOP please help

Tue Jan 21, 2020 12:12 am

Thank you for reply, maybe i am not following the ROS changes during last years. With full HW potential i meant the attached image difference. Please correct me if i am wrong: When i am using HW Offload, then i am using the router's Switch chip and without HW Offload i am on CPU. So if i am on Switch chip then i am using full potential of the CRS, right?

presume i configured the switch now i need a quick lesson to understand...: the most efficiently(performance wise) forward a VLAN202 from port1(trunk port) to port2(trunk port) with vlan-filtering?

/interface bridge vlans
add bridge=XY tagged=port1 tagged=port2 vlan-ids=202

correct?
You do not have the required permissions to view the files attached to this post.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: RouterOS+SwOS+VLAN+CRS326-24S+2Q+RM=LOOP please help

Tue Jan 21, 2020 3:27 pm

More or less yes.

Just another peculiarity: current ROS implementation limits HW offload to one single bridge (which is actually the same in SwOS, where implicitly only single bridge exists). Which means that if yo uwant to use CRS as a switch, you create single bridge and add all interfaces to that single bridge. If you want some fancy stuff (such as switch segmentation), you then do it using VLAN magic, you don't create multiple bridges (one per switch segment).

Ah, the config example you wrote ... it's not exactly correct. The correct (and full) example code would be
/interface bridge
add name=XY vlan-filtering=yes
/interface bridge port
add bridge=XY interface=port1
add bridge=XY interface=port2
/interface bridge vlan
add bridge=XY tagged=port1,port2 vlan-ids=202

Of course there are other options that make setup more secure (such as setting frame-types=admit-only-vlan-tagged ingress-filtering=yes on tagged-only bridge ports etc.).

Who is online

Users browsing this forum: chiel1212 and 12 guests