Community discussions

MUM Europe 2020
 
Elliot
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Tue May 30, 2017 3:04 pm

L2 Q-in-Q traffic

Wed Nov 13, 2019 10:41 pm

Hey guys,
I have a simple question on how to set up switches so they can forward Q-in-Q vlan.

set up is pretty simple:

Client (whatever VLAN) -> CRS112 (SVID 1679) -> CRS112 (SVID 1679) -> CRS326 (SVID 1679) -> strip Q-in-Q vlan tag and pass along on port 24

I'm sure that one of you guys will know the answer. pick what ever ports you like all I need is how to configure this on CRS112 in switch menu and on CRS326 in bridge.
All I managed was strip whatever VLAN client was sending and give it VLAN header with VID 1679 but that's not what I want/need.

Thanks everyone for any help.

PS.: I looked at Wiki but it didn't work for whatever reason.
 
sindy
Forum Guru
Forum Guru
Posts: 4191
Joined: Mon Dec 04, 2017 9:19 pm

Re: L2 Q-in-Q traffic

Thu Nov 14, 2019 12:49 pm

Silence all around... the CRS1xx are really far from the rest of the RouterOS world. I think I know what to do, but not to an extent that I could just give you a list of commands and be 100% sure that it will implement what you need. So I can offer you an interactive remote access session if you don't find anyone else in a reasonable time.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
Elliot
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Tue May 30, 2017 3:04 pm

Re: L2 Q-in-Q traffic

Thu Nov 14, 2019 4:56 pm

Silence all around... the CRS1xx are really far from the rest of the RouterOS world. I think I know what to do, but not to an extent that I could just give you a list of commands and be 100% sure that it will implement what you need. So I can offer you an interactive remote access session if you don't find anyone else in a reasonable time.
Yeah sure no problem,
where do you live? I'm from Czechia.
 
sindy
Forum Guru
Forum Guru
Posts: 4191
Joined: Mon Dec 04, 2017 9:19 pm

Re: L2 Q-in-Q traffic

Thu Nov 14, 2019 6:22 pm

where do you live? I'm from Czechia
So we may even not need remote access :)
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
sindy
Forum Guru
Forum Guru
Posts: 4191
Joined: Mon Dec 04, 2017 9:19 pm

Re: L2 Q-in-Q traffic

Fri Nov 15, 2019 7:06 pm

If you haven't solved it yet, I think teamviewer is the fastest way of coming into direct contact (the PIN can be generated as only a temporary one so once you place it along with the ID here and I connect and give you my contact info, you can restart teamviewer and the PIN shown here will not be valid any more). Or you can publish here your public key so that I could cipher my contact using it and post the ciphered result here, and you could use your private key to decipher it.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
Elliot
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Tue May 30, 2017 3:04 pm

Re: L2 Q-in-Q traffic

Tue Dec 03, 2019 11:40 am

Hey Sindy,
I'm sorry I haven't replied, but I've tried to set up a lab a test different things. The thing was that service VLAN in Mikrotik doesn't work quite as I needed so I've used CVID stacking instead and needed to overwrite 802.1AD to 802.1q on CRS112 for this to actually work. Now they can send whatever VLAN header and our switch will slap another tag onto it then strips it on it's way out.

But if you have a moment I would need to help with RSTP. I've got it working and everything, but on switch stops forwarding input traffic that result in ping loss. It's not that It wouldn't work, but in our Graphs it looks like there's something wrong with the switch even though everything is fine.
 
sindy
Forum Guru
Forum Guru
Posts: 4191
Joined: Mon Dec 04, 2017 9:19 pm

Re: L2 Q-in-Q traffic

Tue Dec 03, 2019 11:56 am

Hey Sindy,
The thing was that service VLAN in Mikrotik doesn't work quite as I needed so I've used CVID stacking instead and needed to overwrite 802.1AD to 802.1q on CRS112 for this to actually work. Now they can send whatever VLAN header and our switch will slap another tag onto it then strips it on it's way out.
That's also a way (made possible only recently, not many ROS versions ago the bridge was stripping away all tags with the same ethertype) but I strongly suspect you have to do that in software, but I'd like to understand better what means that "S-VLAN handling doesn't work as expected".

But if you have a moment I would need to help with RSTP. I've got it working and everything, but on switch stops forwarding input traffic that result in ping loss. It's not that It wouldn't work, but in our Graphs it looks like there's something wrong with the switch even though everything is fine.
Too little information about the environment to say anything useful.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
Elliot
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Tue May 30, 2017 3:04 pm

Re: L2 Q-in-Q traffic

Tue Dec 03, 2019 10:31 pm

My RSTP is working fine and as you would expect but the switch where "alternate port" is stops periodically forwarding input packets (about 10% icmp packets). I tried different bridge priorities and port priorities to change root switches but everytime there's alternate port in bridge that switch stops forwarding input packets. I'm not sure what I do wrong.

I can give you some sort of switch scheme if you'd like to take a look at it :).

Who is online

Users browsing this forum: No registered users and 55 guests