In this post I describe what is my problem:
viewtopic.php?f=2&t=127500&p=626795#p626795

Long story short, I have got advise from support to try 6.41rc with the new bridge concept and hardware offloading. Support says that maybe the problem was due to broadcasts both on vlans and on untagged interfaces, which could not be handled in 6.39.3
In my test setup everything works fine using 6.41rc56 and I can pull and insert any cable between the switches, the RSTP prevents loop as desires.

In the "real life network" we were finally able to unplug cables and get rid of loops, then I upgraded all switches to 6.41rc56 and things looked fine.

But finally the loops arrived again, apparently upon some topology change.
Only CRS106es connected, nothing on Combo ports (i.e. no tagged traffic).

Right now I have broadcast at wire speed in on sfp4 on two of the switches. The rest are unavailable.

I thought that a config like this with RSTP should prevent any loop and give me redundancy.

What more can I do to prevent loops?

Code: Select all

# Master script
# Customer switches 

/interface bridge
add name=bridge1

/interface ethernet
set [ find default-name=combo1 ] comment="Connected equipment"
set [ find default-name=sfp5 ] comment="Future port for service network"

/interface bridge port
add auto-isolate=yes bridge=bridge1 interface=sfp1
add auto-isolate=yes bridge=bridge1 interface=sfp2
add auto-isolate=yes bridge=bridge1 interface=sfp3
add auto-isolate=yes bridge=bridge1 interface=sfp4
add auto-isolate=yes bridge=bridge1 interface=combo1

/interface ethernet switch egress-vlan-tag
add comment="VID 1004 is added to sfp1-4" tagged-ports=sfp1,sfp2,sfp3,sfp4 \
    vlan-id=1004

/interface ethernet switch ingress-vlan-translation
add comment=\
    "Untagged traffic from equipment is sent out on sfp1-4 with VID 1004" \
    customer-vid=0 new-customer-vid=1004 ports=combo1

/interface ethernet switch vlan
add comment="sfp1-4 + combo is in switch group" ports=\
    sfp1,combo1,sfp2,sfp3,sfp4 vlan-id=1004

/ip address
add address=10.4.1.100/16 interface=bridge1 network=10.4.0.0

/ip dns
set allow-remote-requests=yes servers=10.4.0.1

/ip route
add distance=1 gateway=10.4.0.1

/snmp
set enabled=yes

/system identity
set name=CSW-4.1.100

/system leds
set 0 type=interface-speed-1G
set 1 type=interface-speed-1G
set 2 type=interface-speed-1G
set 3 type=interface-speed-1G
set 4 type=interface-speed-1G
set 5 type=interface-speed-1G

/user
  set 0 password=******

Seems you're mixing old "switch configs" and "bridge" configs. The regular STP (RSTP) or new MSTP implementation works fine for me w/6.41rc based switches connected to Cisco switching. The Cisco switching is running MSTP on some and RSTP on others to try and highlight compatibility issues. You may want to post or just personally draw out your network and the links. You'll also want to ensure that STP is enabled across the board or at on switches where you don't think you have a loop you might.

Just because a port is sending untagged traffic doesn't mean it isn't capable of looping. It would just confine the loop to that VLAN. Additionally w/STP and RSTP everything happens untagged and isn't VLAN aware like VLAN aware PVSTP in Cisco. So if you're mixing links and allowed VLANs you may also create a loop when you don't think there is one. I'm really happy to see MSTP in MIkroTik as it let's us make something like PVSTP that so many of us grew up with.