Community discussions

MikroTik App
 
allyx
just joined
Topic Author
Posts: 2
Joined: Wed May 22, 2019 1:01 pm

Bridging a VLAN interface with other interfaces, hAP ac2

Sat Jun 27, 2020 8:51 pm

Hello guys, I have a question how to achieve the following idea in a recommended way.

I have a hAP ac2, and I have a managed switch.

On the managed switch I've divided the access ports in 3 VLANs and I've made a tagged trunk port accessing the 3 of them - let's say vlan10, vlan20, vlan30.

On the hAP, I've created 3 vlan interfaces on the trunk interface with vlan10, 20, 30, and added 3 addresses - let's say 192.168.1.1/24 : 192.168.1.0, 192.168.2.1/24 : 192.168.2.0, 192.168.3.1/24 : 192.168.3.0 attached to the respective vlan interface.

Up to now this scenario works kind-of - I have access to all machines on the 3 vlans by IP. One issue I have is I can't WoL the machines, but I suppose this is some broadcasting issue I will read how to solve.

What I want is the following: I want to bridge vlan10 to the rest of the interfaces on the hAP so that ether2,3,4 and vlan10 are the same LAN.

I'm not sure what's the correct way to do that - I tried adding the vlan10 interface to the bridge containing the other ports, but I don't have access to the vlan10 devices. I tried both to set the address(192.168.1.1/24) to the bridge, or to set two equal network addresses - one to the interface and one to the bridge, but it didn't work. I'd be thankful to hear any recommendations what are the best practices for my case - I just want the devices on the vlan10 network and the ones connected to the hAP ports and wifi to be on the same LAN.
 
kujo
Member Candidate
Member Candidate
Posts: 164
Joined: Sat Jun 18, 2016 10:17 am
Location: Ukraine

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sat Jun 27, 2020 11:42 pm

 
User avatar
xvo
Forum Veteran
Forum Veteran
Posts: 714
Joined: Sat Mar 03, 2018 1:12 am
Location: Moscow, Russia

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sun Jun 28, 2020 12:25 am

Using bridge vlan filtering on non-CRS3XX switch chips will severely degrade performance, as the bridge will lose hw-offloading.
So only the part of this manual, where all vlan interfaces are created on top of the bridge should be used.
The rest of vlan setup has to be done in the switch menu.
 
anav
Forum Guru
Forum Guru
Posts: 4658
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sun Jun 28, 2020 3:46 am

xvo, can you quantify degrade loss of performance please.
You make it sound like the world will come to an end but I used it on both hex and RB450gx4 and my apologies but I didnt notice any horrible performance.
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
xvo
Forum Veteran
Forum Veteran
Posts: 714
Joined: Sat Mar 03, 2018 1:12 am
Location: Moscow, Russia

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sun Jun 28, 2020 11:43 am

xvo, can you quantify degrade loss of performance please.
You make it sound like the world will come to an end but I used it on both hex and RB450gx4 and my apologies but I didnt notice any horrible performance.
As I remember, you traded RB450gx4 for CCR1009 because the first didn’t keep up?!

There is a table of max l3 performance for each device in the product page.
Why spend the CPU power on tasks that can be offloaded to the switch chip, and use CPU for some other stuff? Or let it run idle and cool...
 
sindy
Forum Guru
Forum Guru
Posts: 5383
Joined: Mon Dec 04, 2017 9:19 pm

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sun Jun 28, 2020 12:03 pm

@anav, the difference between presence and absence of hardware L2 forwarding only becomes noticeable when there is some traffic heading from one LAN port to another, which is not your case at home. If all packets from LAN have to be handled by the CPU in order to be routed through WAN, no L2 forwarding happens at all.

When hardware forwarding is active, and just two devices, each connected to another LAN port, talk to each other using IP addresses from a subnet common for both, the switch chip is not a bottleneck. So if the sender is able to send on the negotiated interface speed, the receiver will receive the frames on the same speed (unless it has negotiated a slower interface speed of course). If hardware forwarding is disabled and the CPU (using the "bridge") has to forward each frame, the throuput degradation depends on the CPU power; with a strong enough CPU, you may not notice a degradation of the L2 forwarding itself if tested alone, but as the CPU is loaded by the forwarding, the overall throughput may be affected if other tasks have to be processed simultaneously. So it is not possible to say what the difference is because the above mentioned factors (CPU throughput and the volume of other CPU jobs) heavily affect the result.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
anav
Forum Guru
Forum Guru
Posts: 4658
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sun Jun 28, 2020 2:32 pm

xvo, can you quantify degrade loss of performance please.
You make it sound like the world will come to an end but I used it on both hex and RB450gx4 and my apologies but I didnt notice any horrible performance.
As I remember, you traded RB450gx4 for CCR1009 because the first didn’t keep up?!

There is a table of max l3 performance for each device in the product page.
Why spend the CPU power on tasks that can be offloaded to the switch chip, and use CPU for some other stuff? Or let it run idle and cool...
No Xvo, the issue was a hardware problem with the RB,,,,,,, and partially a misconfigured icmp jump ruleset
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
 
User avatar
xvo
Forum Veteran
Forum Veteran
Posts: 714
Joined: Sat Mar 03, 2018 1:12 am
Location: Moscow, Russia

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sun Jun 28, 2020 3:36 pm

No Xvo, the issue was a hardware problem with the RB,,,,,,, and partially a misconfigured icmp jump ruleset
Anyway, you should get my point: it's always better to configure router the right way from the start, than reconfigure it afterward, when you'll start noticing some problems.
That's not even harder or longer to do so, just different.
 
anav
Forum Guru
Forum Guru
Posts: 4658
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Bridging a VLAN interface with other interfaces, hAP ac2

Sat Jul 04, 2020 11:49 pm

Concur!
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)

Who is online

Users browsing this forum: Baidu [Spider], macsrwe and 120 guests