Community discussions

MikroTik App
 
ozonejunkie
just joined
Topic Author
Posts: 1
Joined: Tue Oct 27, 2020 12:55 pm

CSS610-8G-2S+IN VLAN Behaviour

Tue Oct 27, 2020 1:14 pm

Good Day,

I am currently going through the setup of the above mentioned CSS610 unit and have encountered some issues with the VLAN configuration. The problem seems reproducible with two ports:
Port 1:
* Strict Mode
* Allow only tagged traffic.
* Default VLAN of 99
* Member of VLAN's 1 & 2
-> Connected to a port configured for VLAN1 & VLAN2 on another switch, with all traffic tagged, appears to be working as confirmed with other device. Trunk port has two DHCP servers, VLAN1 is served on 10.1.1.1/24, VLAN2 is server on 10.2.1.1/24

Port 2:
* Strict Mode
* Allow only untagged traffic with Force VLAN ID enabled.
* Default VLAN of 1
* Member of VLAN 1 only
-> Connected to a standard device generating untagged traffic.

Switch has a static IP of 10.1.2.11.

Expected Behaviour: When a device is plugged into Port 2, it should be assigned an IP address from the DHCP server operating on VLAN1.

Current Behaviour: A device plugged into Port 2 is assigned an IP address from the VLAN2. As the switch IP address is on this network range, the switch management interface is available from the device on port 2 when it is assigned an IP, but no further network connectivity is possible.

Test Behaviour: If a static IP address in the 10.1.1.1/24 range is applied to the device on Port 2, connectivity is as expected to the VLAN1 network.

----
It "feels" like DHCP traffic is being allowed across the VLAN boundary, which makes no sense from my understanding of the situation. Has anyone seen any behaviour like this, or related behaviour that may explain what I am seeing?

Many thanks!
 
User avatar
k6ccc
Forum Guru
Forum Guru
Posts: 1490
Joined: Fri May 13, 2016 12:01 am
Location: Glendora, CA, USA (near Los Angeles)
Contact:

Re: CSS610-8G-2S+IN VLAN Behaviour

Fri Oct 30, 2020 2:10 am

I don't have that switch, but am very familiar with SwitchOS. What you are reporting does not make a lot of sense. BTW, I suspect you typoed something in your description because the DHCP range for VLAN 2 does not include the switch management address. However, I suspect that was a fat finger item...
Could there be a second DHCP server on VLAN 1? If you look at your DHCP server leases, does it show that it is assigning a DHCP address for the device plugged into port 2?

Who is online

Users browsing this forum: No registered users and 22 guests