Page 1 of 1

RB3011 Switch Chip Question

Posted: Sat Jul 16, 2016 3:03 pm
by efaden
Hey,

So I am trying to configure the switch chip in the RB3011 and am running in to a bit of a problem.  Is there something special about VLAN 1?...

Basically I am trying to have
ether01 be the gateway...

ether02-ether05 be switch 1.... 
ether06-ether10 be switch 2....

I am trying to have vlans 1,100, and 1003 come in as tagged via ports 02 through 09 and SFP.   I am then trying to have ether10 be untagged vlan 1.

Right now I have the master-ports configured.... I place the master ports into a bridge called "main".  I then placed the vlans on the bridge main.... the I made a bridge for each vlan (management, private, public).  

My current problem is with VLAN 1.  The problem is that it doesn't seem to work... either as tagged through 02 through 09 or as untagged on ether10.  

When I convert it to VLAN 99 it works fine...

Thoughts? 

The basic config I'm using is below.


/interface bridge
add comment="Loopback Bridge" mtu=1500 name=bridge-loopback
add comment="Management Bridge" mtu=1500 name=bridge-management
add comment="Private Bridge" mtu=1500 name=bridge-private
add comment="Public Bridge" mtu=1500 name=bridge-public
add comment="VPN Bridge" mtu=1500 name=bridge-vpn

/interface vlan
add comment="Management VLAN" interface=bridge-main name=vlan-management vlan-id=1
add comment="Private VLAN" interface=bridge-main name=vlan-private vlan-id=100
add comment="Public VLAN" interface=bridge-main name=vlan-public vlan-id=1003

/interface ethernet
set [ find default-name=ether1 ] name=ether01-gateway
set [ find default-name=ether2 ] name=ether02
set [ find default-name=ether3 ] master-port=ether02 name=ether03
set [ find default-name=ether4 ] master-port=ether02 name=ether04
set [ find default-name=ether5 ] master-port=ether02 name=ether05
set [ find default-name=ether6 ] name=ether06
set [ find default-name=ether7 ] master-port=ether06 name=ether07
set [ find default-name=ether8 ] master-port=ether06 name=ether08
set [ find default-name=ether9 ] master-port=ether06 name=ether09
set [ find default-name=ether10 ] master-port=ether06
set [ find default-name=sfp1 ] master-port=ether02 name=sfp01


/interface ethernet switch port
set ether02 vlan-mode=secure vlan-header=add-if-missing
set ether03 vlan-mode=secure vlan-header=add-if-missing
set ether04 vlan-mode=secure vlan-header=add-if-missing
set ether05 vlan-mode=secure vlan-header=add-if-missing
set ether06 vlan-mode=secure vlan-header=add-if-missing
set ether07 vlan-mode=secure vlan-header=add-if-missing
set ether08 vlan-mode=secure vlan-header=add-if-missing
set ether09 vlan-mode=secure vlan-header=add-if-missing
set ether10 vlan-mode=secure vlan-header=always-strip default-vlan-id=1
set switch1-cpu vlan-mode=secure vlan-header=add-if-missing
set switch2-cpu vlan-mode=secure vlan-header=add-if-missing

/interface ethernet switch vlan
add switch=switch1 ports=switch1_cpu,ether02,ether03,ether04,ether05 vlan-id=1
add switch=switch1 ports=switch1_cpu,ether02,ether03,ether04,ether05 vlan-id=100
add switch=switch1 ports=switch1_cpu,ether02,ether03,ether04,ether05 vlan-id=1003

add switch=switch2 ports=switch2_cpu,ether06,ether07,ether08,ether09,ether10 vlan-id=1
add switch=switch2 ports=switch2_cpu,ether06,ether07,ether08,ether09,ether10 vlan-id=100
add switch=switch2 ports=switch2_cpu,ether06,ether07,ether08,ether09,ether10 vlan-id=1003

/interface bridge port
add bridge=bridge-public interface=vlan-public
add bridge=bridge-private interface=vlan-private
add bridge=bridge-management interface=vlan-management
add bridge=bridge-main interface=ether02
add bridge=bridge-main interface=ether06
add bridge=bridge-main interface=sfp01

Re: RB3011 Switch Chip Question

Posted: Sun Jul 17, 2016 11:27 pm
by olkitu
Hi, i think problem is native VLAN what is number 1. Normally not good use VLAN 1. Please use VLAN 2 -> :)

Re: RB3011 Switch Chip Question

Posted: Mon Jul 18, 2016 12:55 am
by efaden
Hi, i think problem is native VLAN what is number 1. Normally not good use VLAN 1. Please use VLAN 2 -> :)
I was thinking that may be the problem.... 

Re: RB3011 Switch Chip Question

Posted: Tue Jul 19, 2016 8:39 pm
by efaden
Is it possible to configure a hybrid port on the RB3011 with the switch chip?

I am still trying to get an official response from MikroTik about this.

Re: RB3011 Switch Chip Question

Posted: Sat Jul 23, 2016 8:01 pm
by olkitu
Is it possible to configure a hybrid port on the RB3011 with the switch chip?

I am still trying to get an official response from MikroTik about this.
You mean trunk? Multiple VLAN to one Ethernet port. Yes it's possible but devices must support that. 
Well... i think take time getting official response...

Re: RB3011 Switch Chip Question

Posted: Sat Jul 23, 2016 8:19 pm
by efaden
Nope.  I meant hybrid.

Access Port -> Single Untagged VLAN
Trunk Port -> Tagged VLANs (Single or Multiple, but all tagged)
Hybrid Port -> Untagged Traffic + One or More Tagged

Re: RB3011 Switch Chip Question

Posted: Sat Jul 23, 2016 8:21 pm
by efaden
I did get an answer about what I needed though.  Basically since I wanted to use VLAN 1 I needed to change the default-vlan-id on the trunk ports to 0 (or something other than auto).  Since auto uses 1 which caused problems.

-Eric

Re: RB3011 Switch Chip Question

Posted: Sat Jul 23, 2016 8:27 pm
by cutedrummerboy
Nope.  I meant hybrid.

Access Port -> Single Untagged VLAN
Trunk Port -> Tagged VLANs (Single or Multiple, but all tagged)
Hybrid Port -> Untagged Traffic + One or More Tagged
i want to more precisely clarify

Access Port -> Single Untagged VLAN
Trunk Port -> Tagged VLANs only
Hybrid Port -> Single Untagged VLAN + One or More Tagged

Re: RB3011 Switch Chip Question

Posted: Sat Jul 23, 2016 8:29 pm
by efaden
Nope.  I meant hybrid.

Access Port -> Single Untagged VLAN
Trunk Port -> Tagged VLANs (Single or Multiple, but all tagged)
Hybrid Port -> Untagged Traffic + One or More Tagged
i want to more precisely clarify

Access Port -> Single Untagged VLAN
Trunk Port -> Tagged VLANs only
Hybrid Port -> Single Untagged VLAN + One or More Tagged
Thanks... yep.. 

Re: RB3011 Switch Chip Question

Posted: Sat Jul 23, 2016 9:49 pm
by haik01
Access Port -> Single Untagged VLAN  --> For normal Ehternet connections by PC's, printers etc...
Trunk Port -> Tagged VLANs (Single or Multiple, but all tagged). Between routers and L3 switches. For example Mikrotik to HP Procurve switch (or Cisco).
Hybrid Port -> Untagged Traffic + One or More Tagged. For IP telephones and behind the phone the PC (to save on cabling). The phone needs a tagged port (to separate VoIP traffic form LAN traffic), and the PC needs a non VLAN traffic (untagged). So the IP phone listens only to tagged traffic, and blocks VLAN traffic to go out of the LAN port to the PC.