Page 1 of 1

Forward LACP in bridge?

Posted: Fri Aug 17, 2018 10:20 am
by mhugo
Hi,

We are trying to use a CRS317 to repeat a wave that required more than 80 km laser. The customer wants us to forward LACP, but it seems the CRS is not doing it.

Is there any way I can bridge two interfaces so seamlessly that LACP is forwarded?

/M

Re: Forward LACP in bridge?

Posted: Fri Aug 17, 2018 10:44 am
by dadaniel
It seems that this is still not working after 10 years:
viewtopic.php?t=21913

Re: Forward LACP in bridge?

Posted: Fri Aug 17, 2018 11:03 am
by artz
This is possible by using the latest RC and protocol-mode=none.

Are you sure you want to use LACP on links that are bridged? There can be some throughput issues since LACP requires both links to be with the same speed.
I would guess that you are trying to use Wireless links, which can change the Wireless rate at any time, you should consider using other bonding modes.

You can read about an issue that you are going to have when using Wireless links in a bond here:
https://wiki.mikrotik.com/wiki/Manual:L ... less_links

If you are using CRS317, which is capable of offloading to the switch chip LACP interfaces, then you will have to give up hardware support for the bonding interface because of the protocol limitations described in the link.

LACPDUs are not meant to be forwarded for a reason, take precaution when forwarding them.

Re: Forward LACP in bridge?

Posted: Fri Aug 17, 2018 12:13 pm
by mhugo
Hi,

The reason is that the optical link was too long, so im using a CRS317 to repeat the signal. It should not do anything but forward packets to the other port. I dont know if a port mirror could be used?

/M

Re: Forward LACP in bridge?

Posted: Fri Aug 17, 2018 2:12 pm
by artz
In such case it is possible, here is an example:
/interface ethernet switch rule
add new-dst-ports=ether2 ports=ether1 switch=switch1

Re: Forward LACP in bridge?

Posted: Fri Aug 17, 2018 2:19 pm
by sindy
It couldn't because mirroring copies both traffic directions from the source port to the destination port, but what is received on the mirror destination port gets nowhere. So yes, you need a bridge between two ports.

Assuming that you are going to use two CRS with two SFPs each to avoid a SPOF represented by a single CRS with two bonds, one looking in each direction.

Re: Forward LACP in bridge?

Posted: Mon Oct 08, 2018 10:57 am
by anuser
Hello,

I´m in the same situation. I updated my CRS317-1G-16S+ to 6.44beta17 and LACPPDUS are traveling through the bridge which is configured on the CRS317.
When I login on the switches and show lldp neighbor the switches actually see the CRS317:
dis lldp neighbor-information list
System Name Local Interface Chassis ID Port ID
swch-047 XGE1/0/25 d894-03fc-a9a6 Ten-GigabitEthernet1/0/25 <= LACP link1.1
swch-047 XGE1/0/26 d894-03fc-a9a6 Ten-GigabitEthernet1/0/26 <= LACP link1.2
MikroTik XGE1/0/26 64d1-54ea-c305 bridge1


/interface bridge port
add bridge=bridge1 comment=defconf hw=no interface=sfp-sfpplus1
add bridge=bridge1 comment=defconf hw=no interface=sfp-sfpplus2


So how can I make the CRS317 truly transparent such that the switches don´t see him?

UPDATE:
CRS317 configuration with "ARP disabled" on bridge1" and "ip neighbors" disabled for all ports helped

Re: Forward LACP in bridge?

Posted: Mon Oct 08, 2018 11:19 am
by sindy
The way @artz has suggested in post #5 above - you must use /interface ethernet switch rule to forward ingress frames from port A to port B and vice versa without local processing. So also the LLDP frames, BPDU frames etc. won't make it to the CPU but will be forwarded to the other port in the A<->B pair.

Re: Forward LACP in bridge?

Posted: Mon Oct 08, 2018 12:43 pm
by anuser
Thanks!

Re: Forward LACP in bridge?

Posted: Thu Dec 05, 2019 3:53 pm
by xtornado
Hello

I use a crs305-1G-4S+ ,

I tried to use crs305-1G-4s+ as regeneration device , for 80+ km long fiber.

For test i have setup two crs305 on my desk.. Sfp1+Sfp2 works as pair1, Sfp3+Sfp4 work as second pair I it configured on the same way...
On test CRS1 and CRS2 are connected over SFP1... ping beeween devices over MVlan100 (192.168.1.0/24) work fine until i get turn on switch rule:

/interface ethernet switch rule
add disabled=no new-dst-ports=sfp-sfpplus1 ports=sfp-sfpplus2 switch=switch1
add disabled=no new-dst-ports=sfp-sfpplus2 ports=sfp-sfpplus1 switch=switch1
add disabled=no new-dst-ports=sfp-sfpplus3 ports=sfp-sfpplus4 switch=switch1
add disabled=no new-dst-ports=sfp-sfpplus4 ports=sfp-sfpplus3 switch=switch1


Its stops IP connectivity beetween ports and devices.. it not allow passing any ip traffic... not eaven beetween two CRS305... and not eaven on devices that are connected to SFP2 on both devices (two routers) , cannot ping anything..


/interface bridge
add arp=disabled igmp-snooping=yes name=bridge1 protocol-mode=none vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] speed=100Mbps
set [ find default-name=sfp-sfpplus1 ] speed=10Gbps
set [ find default-name=sfp-sfpplus2 ] speed=10Gbps
set [ find default-name=sfp-sfpplus3 ] speed=10Gbps
set [ find default-name=sfp-sfpplus4 ] speed=10Gbps
/interface vlan
add interface=bridge1 name=Mvlan110 vlan-id=110
add interface=bridge1 name=Mvlan120 vlan-id=120
add interface=bridge1 mtu=10200 name=vlan10 vlan-id=10
add interface=bridge1 mtu=10200 name=vlan20 vlan-id=20
/interface bridge port
add bridge=bridge1 interface=sfp-sfpplus1 pvid=10
add bridge=bridge1 interface=sfp-sfpplus2 pvid=10
add bridge=bridge1 interface=sfp-sfpplus3 pvid=20
add bridge=bridge1 interface=sfp-sfpplus4 pvid=20
/interface bridge vlan
add bridge=bridge1 tagged=bridge1 untagged=sfp-sfpplus1,sfp-sfpplus2 vlan-ids=10
add bridge=bridge1 tagged=bridge1 untagged=sfp-sfpplus3,sfp-sfpplus4 vlan-ids=20
add bridge=bridge1 tagged=bridge1,sfp-sfpplus1,sfp-sfpplus2 vlan-ids=110
add bridge=bridge1 tagged=bridge1,sfp-sfpplus1,sfp-sfpplus2 vlan-ids=120
/interface ethernet switch rule
add disabled=yes new-dst-ports=sfp-sfpplus1 ports=sfp-sfpplus2 switch=switch1
add disabled=yes new-dst-ports=sfp-sfpplus2 ports=sfp-sfpplus1 switch=switch1
add disabled=yes new-dst-ports=sfp-sfpplus3 ports=sfp-sfpplus4 switch=switch1
add disabled=yes new-dst-ports=sfp-sfpplus4 ports=sfp-sfpplus3 switch=switch1
/ip address
add address=192.168.88.1/24 interface=ether1 network=192.168.88.0
add address=192.168.1.2/24 interface=Mvlan110 network=192.168.1.0
/ip ssh
set allow-none-crypto=yes forwarding-enabled=remote
/system clock
set time-zone-name=Europe/Zagreb
/system identity
set name=test2
/system routerboard settings
set boot-os=router-os

Can someone knows what is the problem in this config?
I need a LACP forwarding beetween ports and i need that l3 traffic works over the same ports..

Thx
Best regards