Hello,

I currently run a Zywall 100 and a Zyxel GS1920 manageable switch. I plan to replace the Zywall due to Qos problems + limited throughput and I am actually experimenting with a CRS125 cloud router I bought for home use. If the experiment is OK, I plan to deploy a Mikrotik RB3011UiAS-RM in place of the Zywall/CRS125.

I am having a hard time recreating the VLANs we are used to work with, and I start to ask myself : is even my VLAN strategy correct, and doable on a Mikrotik router ? As I am mostly self-taught regarding networks and I do have not much thehoric knowledge on the field (I'm basicaly programmer), I would appreciate your feedback.

So far here is what I had set on my former configuration :

On the GS1920 switch, I have 3 VLANS set on various ingress ports, each being on it own subnet :
VLAN1 for our team
VLAN2 for voip trafic
VLAN10 for guest vlan
Then they all go out from the switch to the router, through the same 802.1p tagged egress port. So I guess this port is what we'd call a wan trunk.

On the router, I have a different DHCP server set per VLAN.

My main trouble with this configuration is the QoS doesn't work at all. I have rules specified per VLAN interface and the neither the bandwidth shaper nor the priority setting have any effect on the poor quality of my Voip. I have also tried specifying the Qos filters per ip range rather than per VLAN interface, with the same result.

When I look at the VLAN tutorials for Mikrotik, I always see 1 VLAN per port. But many Mikrotik routers are also switches, so it could explain this port based VLAN scheme.
The thing is, I am starting to ask myself : "maybe my Qos filtering does not work because I should set 1 VLAN per port on the router, with 3 egress ports on the switch rather than using a WAN trunk.

So, since VLAN setup is a hard task (I have already had a hard time on the subject for 2 days, Mikrotik routers are a bit harsh to setup), could you experienced network administrators tell me how you would do it, so I can dig in the right direction ?

Another question : once I am done, is it likely I can simply backup the CRS125 configuration and boot the RB3011UiAS-RM with it ?

Thank you.

Alban

Trunking should work, but mikrotik switches are a pain to configure.
Which brings me to question 2: no, because the switches work differently from the routers, to be precise, switched ports work differently.

Another thing, are you sure about the way your qos doesn't work?

There are two ways to define VLAn's on a Mikrotik:

1. Simple, add VLAN to a port (multiple if you need a trunk). That way the VLAN will go through the processor chip (means slow(er) performance).
2. Define VLAN on the switch chip (that is very fast).

And yes, CRS (Cloud router SWITCH) behaves completely different than a "normal RB3011".

When I look at the VLAN tutorials for Mikrotik, I always see 1 VLAN per port. But many Mikrotik routers are also switches, so it could explain this port based VLAN scheme.
The thing is, I am starting to ask myself : "maybe my Qos filtering does not work because I should set 1 VLAN per port on the router, with 3 egress ports on the switch rather than using a WAN trunk.

So, since VLAN setup is a hard task (I have already had a hard time on the subject for 2 days, Mikrotik routers are a bit harsh to setup), could you experienced network administrators tell me how you would do it, so I can dig in the right direction ?

If your VLANs are working (passing traffic) you are doing this the right way. Your strategy is fine. You can have multiple VLANs per port. This does not interfere with ability to do QoS. You can do QoS with this setup.

Most likely you are just not doing QoS properly. Certain setting combinations usually do not work with QoS (ex. setting an interface as the 'target' for a simple queue generally doesn't work unless it's a PPPoE tunnel or something), and some features are bypassed if you are using fasttrack. You need to clarify your QoS configuration, are you using simple queues or queue trees (or both, for different things), are you using fasttrack, etc.