First of all, thanks in advance for reading my post. I've recently got a new Mikrotik Router HAP AC and am becoming a fan of it every day.
I've set up my router to create three separate subnets to segregate traffic and manage devices properly. The three subnets I have are:
1. Home LAN: 192.168.40.0/24
2. Devices LAN: 192.168.50.0/24
3. Guests LAN: 192.168.8.0/24
The thing is that by default I can access IPs from one subnet to the other. I haven't really touched any routing tables or anything to allow that. I created these subnets so that the networking traffic among them should not be routable unless I explicitly configure it. For example, I should not be able to ping/access devices from Home LAN to Devices LAN unless I allow it in routing tables (perhaps in the router somewhere?).
I'm not a networking guru; I just have some working knowledge and am familiar with OSI, DNS, DHCP, firewalls and some general stuff. So I'd appreciate it if you could guide me on where I have to flip the switches to prevent routing between subnets. Ideally I don't want to use IP > Firewall for this, as I have to manually create a lot of rules for each combination of subnets and also because it is an overhead that I'd rather avoid if possible.
FWIW, I've created my setup by creating a bridge for each subnet LAN (see attached picture). DHCP is configured at bridge level to assign IPs. Ignore the default "bridge" for my configuration. Check out bridge-guest-lan, bridge-iot-lan and bridge-main-lan.
Thanks in advance!