Community discussions

MikroTik App
 
janFfm
newbie
Topic Author
Posts: 27
Joined: Thu Feb 01, 2018 11:39 am

Management VLAN and DHCP distribution

Thu Nov 15, 2018 4:15 pm

Hey everyone,
i hope you can help me with a probably quite trivial situation.

I have a small network consisting of 3 Routers and a few clients and printers.
The router providing the internet connectivety can be left out of the ecuation.

The other two devices are:
  • a cisco router providing VLAN, firewall and DHCP
  • a 10 port mikrotik router for further distribution of the VLANs
The Network uses 3 VLANS (P1->VID:20, P2->VID:30, MGMT->VID:99)
Ether1 is supposed to be the trunk port (carry tagged traffic)

Now here is the thing:
i would very much like to use the same Management VLAN for both Routers (VID 99) accessed on 4 different ports.
Meaning, once connected to the according ports i would like to:
  • 1. receive an ip address from the cisco router and
  • 2. be able to connect and manage both of the devices from the same connected pc
Following this manual regarding VLAN configuration i would have to perform the following tasks on the device:
/interface bridge
add name=bridge1 protocol-mode=none
/interface bridge port
add bridge=bridge1 interface=ether1 hw=yes
add bridge=bridge1 interface=ether2 hw=yes
add bridge=bridge1 interface=ether3 hw=yes
/interface ethernet switch vlan
add ports=ether1,ether2 switch=switch1 vlan-id=20
add ports=ether1,ether3 switch=switch1 vlan-id=30
[b]add ports=ether1,switch1-cpu switch=switch1 vlan-id=99[/b]
/interface vlan
add interface=bridge1 vlan-id=99 name=MGMT
/ip address
add address=192.168.99.1/24 interface=MGMT
/interface ethernet switch port
set ether1 vlan-mode=secure vlan-header=add-if-missing
set ether2 vlan-mode=secure vlan-header=always-strip default-vlan-id=20
set ether3 vlan-mode=secure vlan-header=always-strip default-vlan-id=30
set switch1-cpu vlan-header=leave-as-is vlan-mode=secure


Now, here i encounter a few more problems::
  • 3. the interface "brige1" should receive its ip from the cisco router. Can i accomplish this?
  • 4. I don't understand what it means that the switch-cpu appears in the list of the ports of the MGMT VLAN.
    The original coding is:
    add ports=ether1,switch1-cpu switch=switch1 vlan-id=99
  • 5. if i need to get untagged traffic for that VLAN on certain ports (Ether4, Ether5). Do i have to add those ports to that list and afterwards strip the VLAN headers for those ports?

I hope i was able to describe my problem and I am gratefull for any help!

Jan
 
sid5632
Long time Member
Long time Member
Posts: 553
Joined: Fri Feb 17, 2017 6:05 pm

Re: Management VLAN and DHCP distribution

Fri Nov 16, 2018 2:09 am

set ether1 vlan-mode=secure vlan-header=add-if-missing
I would change this to:
set ether1 vlan-mode=secure vlan-header=leave-as-is
  • 3. the interface "brige1" should receive its ip from the cisco router. Can i accomplish this?
Yes, just create a DHCP client on the MGMT interface and remove the static address.
  • 4. I don't understand what it means that the switch-cpu appears in the list of the ports of the MGMT VLAN.
The switch1-cpu port is the link from the switch chip to the cpu (er, obvious eh?). The VLAN interface runs on the CPU so you need to get tagged frames to it.
  • 5. if i need to get untagged traffic for that VLAN on certain ports (Ether4, Ether5). Do i have to add those ports to that list and afterwards strip the VLAN headers for those ports?
Yes. And add the ports to the bridge.
 
janFfm
newbie
Topic Author
Posts: 27
Joined: Thu Feb 01, 2018 11:39 am

Re: Management VLAN and DHCP distribution

Mon Nov 19, 2018 10:46 am

Thanks very much for the reply!
The switch1-cpu port is the link from the switch chip to the cpu (er, obvious eh?). The VLAN interface runs on the CPU so you need to get tagged frames to it.
Unf., since you could consider my skills as newbe level, this is not that obvious to me.
if i were to run 3 VLANS on that switch chip, does this mean, that i'd have to get tagged frames of all three VLANS to the CPU?
Is this possible and if so, how do i code this?

Thank you very much for your help!

Who is online

Users browsing this forum: Amazon [Bot], EmuAGR, ppawe, sas2k, TheCat12, truefriendcz and 76 guests