Hello everybody,
i'm new to networking and also to working with mikrotik devices in general. So, i need some basic understanding off implementing VLAN communication using bridges in addition to the allocation of the ports to dedicated switch chips.

Intended Scenario:

Used Devices:
[*]Cisco Router (as Gateway and for general VLAN and DHCP deployment);
[*]Mikrotik RB2011 w. RouterOS: v6.41 (extends VLAN-Access for clients and devices)

What to achieve:
Cisco Router is used for VLAN implementation, as DHCP Server and as gateway;
All VLANs also need to be accessible from RB2011;
Trunk between Cisco Rourter and RB2011 port eth1 (switch chip 1);

[*]VLAN10 on eth2-eth6 (switch chip 1 & 2);
[*]VLAN20 on eth7-9 (switch chip 2);
[*]VLAN30 on eth10 (switch chip 2);

What i tried so far:
Assuming that in my usecase https://wiki.mikrotik.com/wiki/Manual:B ... _switching is the way to configure the device:

1. Build a bridge:

2. Add the trunk port as well as the accessports to that brige:
(what about eth6???)

3. Assign the corresponding VLAN-ID to the switch chip:
(what about eth6???)

Questions:

A:
According to the manual on RB2011 there is no dedicated markup for tagged/untagged ports.
Does that mean, the code line: /interface ethernet switch vlan add ports=x,y,z allocates the ports to the designated VLANs (tagged and untagged)?

B:
In my scenario the trunk port is bound to switch chip one (eth1).
How do i integrate the VLANS on ports allocated to switch chip 2? Especially interesting: With VLAN10, where the ports span over both switch chips. How do i accomplish this?

C:
In order to gain Device-Management on RB2011, can i deploy all the necessary IP and VLAN configuration using the Cisco Router, Instead off creating a dedicated VLAN on the Mikrotik device and assigning it an IP-configuration there.

Hopefully someone can point me in the right direction
Many Thanks in advance!!

Jan

Wiki has been updated with a note for this special case.

In short, you can't use VLAN filtering between different switch chips, you will have to use bridge VLAN filtering if you want to filter out VLANs between both switch chips, but that will lower the throughput for your device. Another option is to connect both switch chips together using an Ethernet cable, though this might not be the solution you are looking for. This is a hardware limitation, these devices were not designed to be used as a 10 port switch.

Wiki has been updated with a note for this special case.

In short, you can't use VLAN filtering between different switch chips, you will have to use bridge VLAN filtering if you want to filter out VLANs between both switch chips, but that will lower the throughput for your device. Another option is to connect both switch chips together using an Ethernet cable, though this might not be the solution you are looking for. This is a hardware limitation, these devices were not designed to be used as a 10 port switch.

Allright, i understand. Many thanks for this.
So in Order to come close to my goals, throughput wise, could i establish another trunk from the cisco device to the second switch chip?

Or, using your second suggestion, if i was to connect, let's say, eth5 and eth6 with a cable, could i have tagged traffic on this connection?
And if so, how do i distinguish tagged traffic from untagged? i wasn't able to determin this by this coding examples.

And finally, could you maybe also help with the question regarding device management access. Can i achieve the desired VLAN/ip-configuration via the cisco device?

Thanks again.

Jan