Community discussions

 
orangetek
newbie
Topic Author
Posts: 44
Joined: Wed Aug 14, 2013 5:19 pm

[6.43rc44] Hardware offloaded bridge and 'Switch Port Isolation' not working.

Fri Jul 20, 2018 2:26 pm

Models Tested: RB750UP-r2 and RB960PGS (Firmware also updated)

Both units were reset to defaults with no config. These are the steps i took to set up a simple bridge and port isolation:
1. Create bridge with protocol mode to none
2. add all ethernet ports to bridge making sure hw offload is enabled for each. (verified with 'H' flag next to each port)

note: ether1 is the uplink port and ether2/3 are PC's
3. Switch>Port Isolation>ether2>Forwarding Overide ticked>Forward to ether1
4. Switch>Port Isolation>ether3>Forwarding Overide ticked>Forward to ether1
No internet access or communication between PC's. Router is accessible. If i disable Hardware offload for ether1 in the bridge ports, things work as expected. If i re enable Hardware offload on ether1 but disable it on ether2, the PC on ether2 gets internet access but the PC on ether3 does not.

Am i doing something wrong or is this RC still very buggy?

regards.
 
mkx
Forum Guru
Forum Guru
Posts: 2955
Joined: Thu Mar 03, 2016 10:23 pm

Re: [6.43rc44] Hardware offloaded bridge and 'Switch Port Isolation' not working.

Fri Jul 20, 2018 2:40 pm

Am i doing something wrong or is this RC still very buggy?
Or support for port isolation is simply not available on switch chips (QCA9531 in case of hEX PoE lite or QCA8337 in case of hEX PoE) and thus can not be offloaded from CPU to HW. I guess that's something to ask support@mikrotik.com about ...
BR,
Metod
 
marekm
Member Candidate
Member Candidate
Posts: 203
Joined: Tue Feb 01, 2011 11:27 pm

Re: [6.43rc44] Hardware offloaded bridge and 'Switch Port Isolation' not working.

Sat Jul 21, 2018 11:16 pm

Even old SwOS on RB250GS and RB260GSP allows setting up the matrix specifying between which ports traffic can be forwarded. So it's a pretty basic switch chip feature that even simple switch chips should have, that just needs to be properly exposed in RouterOS to allow port isolation.
 
User avatar
chechito
Forum Guru
Forum Guru
Posts: 1740
Joined: Sun Aug 24, 2014 3:14 am
Location: Bogota Colombia
Contact:

Re: [6.43rc44] Hardware offloaded bridge and 'Switch Port Isolation' not working.

Sun Jul 22, 2018 4:57 am

on RB960PGS which has QCA8337 switch chip, you can do port isolation using switch rules

RB750UP-r2 which has Atheros8227 switch chip, you can't because dont support switch rules

the good news is you can do port isolation by software using cpu resources using bridge horizon, in the end RB750UP-r2 only have 100mbps ethernet ports, maybe CPU can manage bridging at this speed

Who is online

Users browsing this forum: No registered users and 83 guests