Hello,
is it possible to configure hybrid port with untagged VLAN 1? I need to configure one port with one or more VLANs (tagged) and leave there untagged VLAN 1 because of Ubiuqiti Unifi AP. There is not possible to configure management VLAN in Ubiquiti and it has to be untagged VLAN 1 :-/
I have RB3011UiAS running ROS 6.44.
It looks like a problem according to this: viewtopic.php?f=2&t=110276&sid=79f099ca ... 8413e9b8f7
Is there any solution? Thank you...
Re: VLAN - hybrid port - untagged VLAN 1
The post you are referencing is from 2016 and at the end of 2017 how VLANs where done and managed was changed. So that post is irrelevant. Have you tried following the current steps here: https://wiki.mikrotik.com/wiki/Manual:I ... _Filtering ?
Re: VLAN - hybrid port - untagged VLAN 1
https://wiki.mikrotik.com/wiki/Manual:B ... witch_chip
is for VLAN on RB3011
but I think you can still use bridge VLAN as well.
also check this
https://wiki.mikrotik.com/wiki/Manual:S ... _switching
so you will need to add VLAN to the bridge and put your hybrid port on the bridge. add IP, DHCP etc as you needed.
from here, you can either use bridge vlan: add VLANs on bridge / VLAN, and configure bridge/port for untagged VLAN 1 and tagged VLAN xx and xx; and enable VLAN filtering on the bridge.
Or you can do switch VLAN, add swtich / VLAN, then configure switch / port , set PVID 1 for the port. in my setup I have untagged VLNA1, tagged VLAN 20 and 30 running on ether2
is for VLAN on RB3011
but I think you can still use bridge VLAN as well.
also check this
https://wiki.mikrotik.com/wiki/Manual:S ... _switching
so you will need to add VLAN to the bridge and put your hybrid port on the bridge. add IP, DHCP etc as you needed.
from here, you can either use bridge vlan: add VLANs on bridge / VLAN, and configure bridge/port for untagged VLAN 1 and tagged VLAN xx and xx; and enable VLAN filtering on the bridge.
Or you can do switch VLAN, add swtich / VLAN, then configure switch / port , set PVID 1 for the port. in my setup I have untagged VLNA1, tagged VLAN 20 and 30 running on ether2
Code: Select all
## set native VLAN1 for ether 2
/interface ethernet switch port
set 0 default-vlan-id=1 vlan-mode=secure
/interface ethernet switch vlan
add ports=ether2 switch=switch1 vlan-id=20
add ports=ether2 switch=switch1 vlan-id=30
add ports=ether2 switch=switch1 vlan-id=1
Re: VLAN - hybrid port - untagged VLAN 1
2 Samot: I know, that there are some changes now. I wanted to know if it's possible now.
2 solar77: Thank you!
I have to reconfigure this device which is already running somewhere and there is some weird configuration already. There is a bridge and there are 2 switches configured. I assume, that those switches are part of a default config because of two switch chips in this device? So I'm thinking what I have to use for VLANs. Switches or bridge?
Also I'm not sure I understand those switch cpu ports.
2 solar77: Thank you!
I have to reconfigure this device which is already running somewhere and there is some weird configuration already. There is a bridge and there are 2 switches configured. I assume, that those switches are part of a default config because of two switch chips in this device? So I'm thinking what I have to use for VLANs. Switches or bridge?
Also I'm not sure I understand those switch cpu ports.
Re: VLAN - hybrid port - untagged VLAN 1
hi, I have only started to look at VLAN recently . My understanding is that, the switch VLAN only comes into consideration if you wish to have hardware offload for VLAN (the traffic between VLAN ports would be near wire speed because the swhich chip feature support this).
note on the wiki:
hope this helps you.
note on the wiki:
so if you cannot fit all VLAN port on the same switch chip, CPU will be involved in forwarding traffic to another switch chip, you might as well use bridge VLAN for it's simplicity .For devices that have multiple switch chips (for example, RB2011, RB3011, RB1100), each switch chip is only able to switch VLAN traffic between ports that are on the same switch chip, VLAN filtering will not work on a hardware level between ports that are on different switch chips, this means you should not add all ports to a single bridge if you are intending to use VLAN filtering using the switch chip, VLANs between switch chips will not get filtered. You can connect a single cable between both switch chips to work around this hardware limitation, another option is to use Bridge VLAN Filtering, but it disables hardware offloading (and lowers the total throughput).
hope this helps you.
Re: VLAN - hybrid port - untagged VLAN 1
Thank you. I know about that. But I'm talking about "switch1-cpu" port, which is used here in examples:
https://wiki.mikrotik.com/wiki/Manual:B ... _switching
I don't know how to work with this.
https://wiki.mikrotik.com/wiki/Manual:B ... _switching
I don't know how to work with this.
Re: VLAN - hybrid port - untagged VLAN 1
that I think is to give the CPU (Router) access to your managed VLAN
I have not tried it yet but that's my understanding.
I have not tried it yet but that's my understanding.
Re: VLAN - hybrid port - untagged VLAN 1
Some good examples here, one of them with a hybrid port.........
https://wiki.mikrotik.com/wiki/Manual:Bridge_VLAN_Table
https://wiki.mikrotik.com/wiki/Manual:Bridge_VLAN_Table
Re: VLAN - hybrid port - untagged VLAN 1
thanks ava, good reading. in particular there is a link within the text, to "Manual:Layer2 misconfiguration"
Re: VLAN - hybrid port - untagged VLAN 1
But on my switches RB941-2nD & RB951G-2HnD that disables hardware offloading so that's why I would like to setup using /interface ethernet switch method.Some good examples here, one of them with a hybrid port.........
https://wiki.mikrotik.com/wiki/Manual:Bridge_VLAN_Table
The same problem for me
Here are the settings on RB941-2nD:
But the switch uses tag for egress traffic:
Re: VLAN - hybrid port - untagged VLAN 1
Safety1st: Look at this: viewtopic.php?f=2&t=148111
Re: VLAN - hybrid port - untagged VLAN 1
Example using switch chip https://wiki.mikrotik.com/wiki/Manual:S ... d_Ports.29. Note only QCA8337 & Atheros8327 switch chips support hybrid ports, it is not possible to have hardware switched hybrid ports on your RB941-2nD.But on my switches RB941-2nD & RB951G-2HnD that disables hardware offloading so that's why I would like to setup using /interface ethernet switch method.Some good examples here, one of them with a hybrid port.........
https://wiki.mikrotik.com/wiki/Manual:Bridge_VLAN_Table
Re: VLAN - hybrid port - untagged VLAN 1
On 100Mbit Swich Chip only this way:
Code: Select all
/interface bridge
add frame-types=admit-only-vlan-tagged ingress-filtering=yes name=bridge1 vlan-filtering=yes
/interface vlan
add interface=bridge1 name="Untagged VLAN" vlan-id=1
add interface=bridge1 name=VLAN99 vlan-id=99
/interface bridge port
add bridge=bridge1 ingress-filtering=yes interface=ether1
/interface bridge vlan
add bridge=bridge1 tagged=bridge1 untagged=ether1 vlan-ids=1
add bridge=bridge1 tagged=bridge1,ether1 vlan-ids=99
/ip address
add address=192.168.120.1/24 interface="Untagged VLAN" network=192.168.120.0
add address=192.168.121.1/24 interface=VLAN99 network=192.168.121.0
Who is online
Users browsing this forum: AimiSayo and 70 guests