Community discussions

MUM Europe 2020
 
BigSky
just joined
Topic Author
Posts: 19
Joined: Tue Aug 24, 2010 11:45 pm
Location: Montana, US

Mikrotik vlans and UniFi Switch issues

Tue Oct 27, 2015 7:31 pm

I’m having trouble implementing multiple vlans from Mikrotik router thru a UniFi Switch (USW). I’m used multiple vlans with Mikrotik routers & AirMax equipment, or thru ToughSwitches with success before, but this is my first time using a USW.

Everything works as it should until I try to add a “Corporate” subnet with tagged & untagged ports on the Mikrotik. (see diagram below) As soon as I put the “Corporate” vlan into a bridge on the Mikrotik I lose contact with the UniFi Switch & UAPs behind it, and all traffic thru the UniFi Switch & UAPs stop as well.

Mikrotik CCR1009-1S-1S+ with v6.32.2
UniFi Switch 48 POE-500W with v3.3.10.3824
UniFi Controller v4.7.5 (hosted at my office; L3 adoption for all UniFi devices)
Network Schematic.png
The Mikrotik port (Eth6), which goes to the USW, has 6 tagged vlans and “Management” subnet untagged. The USW has “All” networks/vlans on Port 1 (the link to the Mikrotik). Then the ports for the UAP have one of the following:
• “HotelGuest” vlan tagged with “Management” untagged
• one of the “Conference” vlans tagged with “Management” untagged
• “HotelGuest” vlan tagged & the “Corporate” vlan tagged with “Management” untagged
• There are a couple USW ports that are access ports (untagged) for one of the “Conference” vlans without UAPs.

The UAPs are using the corresponding vlan tag for whichever SSID(s) they are broadcasting.
Another port from the Mikrotik goes to a ToughSwitch 8-port with a similar setup. (see diagram)

In the Mikrotik:
Eth1 – Eth3 are in “Bridge-Corp”
Eth5 – has vlans listed on diagram / in “Bridge-Management”
Eth6 – has vlans listed on diagram / in “Bridge-Management”

When I’ve have it setup just like this it works. But when I try to create some access ports (untagged) on the Mikrotik itself everything in the USW stops working. But everything coming off the ToughSwitch continues to work.

To create access port on the Mikrotik I add vlan260-Corporate to the “Bridge-Corp”. Then it’s like a loop is created? Or having the vlan in the bridge floods Eth6 with broadcast traffic?

I can make this setup work in the lab with a different model Mikrotik and a ToughSwitch, so I’m trying to figure out if it’s a Mikrotik issue or USW issue. I have a feeling it’s a USW issue.

Any thoughts or insights? I have also posted this on the Ubiquiti forum.
You do not have the required permissions to view the files attached to this post.
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1749
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: Mikrotik vlans and UniFi Switch issues

Tue Oct 27, 2015 8:30 pm

first of all you have to know if its a switch problem or router problem

of course with the web gui of unifi switches can be a little difficult

try using only eth 5-8 on ccr1009 this ports are direct to the cpu to discard integrated switch (eth1-eth4) fault

off course be sure of use at least 6.30.4 ros and latest firmware 3.27

then if this not correct the situation use the switched ports on mikrotik again to take advantage of switch host list to see if you lost layer 2 connectivity
 
pe1chl
Forum Guru
Forum Guru
Posts: 6174
Joined: Mon Jun 08, 2015 12:09 pm

Re: Mikrotik vlans and UniFi Switch issues

Tue Oct 27, 2015 8:56 pm

I have some experience with cheap switches, and some are really weird.
Maybe the same for your switch.

I have setup many other switches (3com, cisco, HP) with complicated VLAN without problem, but on the low-end market it appears that the people writing the firmware do not understand the VLAN concept and/or stay close to how the chips need to be programmed.

E.g. when you want to have untagged ports, it is not uncommon that you have to program the "remove tag on output" and "add tag on input" separately for each port, and when you don't yet know that it will be impossible to get it working.
 
User avatar
docmarius
Forum Guru
Forum Guru
Posts: 1220
Joined: Sat Nov 06, 2010 12:04 pm
Location: Timisoara, Romania
Contact:

Re: Mikrotik vlans and UniFi Switch issues

Wed Oct 28, 2015 7:18 am

This is the reason I returned my Unifi switch and used an Edgeswitch instead.
The problem is I never managed to set up a trunk port on the Unifi switch (never found such an option), and I suppose it needs an Unifi router to allow such setup.

Maybe as a hint and a good luck wish: For the Edgeswitch, which had the same initial behavior, I had to disable STP on the switch which seems to be the culprit. After that, all was working OK (with a proper VLAN setup, of course).
Torturing CCR1009-7G-1C-1S+, RB450G, RB750GL, RB951G-2HnD, RB960PGS, RB260GSP, OmniTIK 5HnD and NetMetal 922UAGS-5HPacD + R11e-5HnD in my home network.
 
BigSky
just joined
Topic Author
Posts: 19
Joined: Tue Aug 24, 2010 11:45 pm
Location: Montana, US

Re: Mikrotik vlans and UniFi Switch issues

Tue Nov 03, 2015 8:36 pm

Okay, I got it working.

Docmarius, Ubnt has just release a firmware that allows you to have management of the USW on a VLAN, thus creating a trunk port. But I think you have to have untagged DHCP on first to associate it to the Controller software and then you can change it to the management vlan.

But to get it to work I had to change Bridge-Corp on the Mikrotik to STP (not the default RSTP). Then everything came up. Bridge-Management is still RSTP. No way to change these settings on the UniFi Switch.

???? Not exactly sure why this works, but it does.
 
gammy69er
newbie
Posts: 46
Joined: Sun May 18, 2014 3:01 am

Re: Mikrotik vlans and UniFi Switch issues

Fri Feb 05, 2016 5:28 am

Okay, I got it working.

Docmarius, Ubnt has just release a firmware that allows you to have management of the USW on a VLAN, thus creating a trunk port. But I think you have to have untagged DHCP on first to associate it to the Controller software and then you can change it to the management vlan.

But to get it to work I had to change Bridge-Corp on the Mikrotik to STP (not the default RSTP). Then everything came up. Bridge-Management is still RSTP. No way to change these settings on the UniFi Switch.

???? Not exactly sure why this works, but it does.

Ty to both of you - 8 Hours of complete RAGE - then giving up to look at another day, and find this. My exact problem appears to be that the Unifi Switch doesn't appear to handle anything apart from one Network (VLAN or Not) when RSTP is enabled on the Bridges.

NO VLAN in Unifi Controller - Network up but VLAN no go.
VLAN On in Unifi - ALL Traffic runs through the VLAN - had to put the VLAN that was on the LAN Bridge into the LAN Bridge to even get access back while troubleshooting (lucky it didn't loop and die :P).

was Messy, but i Will Confirm that RSTP cannot be enable at this stage with Unifi Switch and Mikrotik (from my experience andywho)

Good luck to all
 
smallfount
just joined
Posts: 5
Joined: Sun Jan 17, 2016 6:10 am

Re: Mikrotik vlans and UniFi Switch issues

Fri Feb 05, 2016 5:44 am

I made a similar connection between my RB450G and HP 2910al
but I don't use any untagged vlan on the trunk line since it will not work.
So on the port on Switch which work as the trunk port, I tagged all the vlan needed.
And on the RB450G, I created all the vlan as sub-interface of the master LAN port and add them ip address, and remove the LAN IP address since now it should work as a trunk port, all the 3rd-layer works should now pass to the VLAN interface.
Now it works well although we need to create multi DHCP for them.....
But it works just like what I want.

Who is online

Users browsing this forum: abrar226, AndyGs, Bing [Bot], topmktwww and 71 guests