Community discussions

MikroTik App
 
Erayd
just joined
Topic Author
Posts: 9
Joined: Mon Nov 09, 2015 9:59 pm

PVID for BGP VPLS interface on a bridge

Mon Jul 20, 2020 9:11 am

Given that the "VLAN on a bridge in a bridge" model is explicitly advised against, what is the recommended method of tagging traffic to / from a BGP signalled VPLS interface in a bridge?

There is no PVID option under /interface vpls bgp-vpls, and I cannot find any other way of setting this.
 
Erayd
just joined
Topic Author
Posts: 9
Joined: Mon Nov 09, 2015 9:59 pm

Re: PVID for BGP VPLS interface on a bridge

Tue Feb 23, 2021 11:02 am

Bumping this - seven months later, and I've still not been able to locate an answer to this question, nor was the local mikrotik distributor & trainer able to answer this.

Would appreciate any ideas, as I'm currently stuck doing something that the documentation explicitly advises is a bad idea.
 
sindy
Forum Guru
Forum Guru
Posts: 6931
Joined: Mon Dec 04, 2017 9:19 pm

Re: PVID for BGP VPLS interface on a bridge

Tue Feb 23, 2021 5:24 pm

I'm afraid you have to open a ticket with support directly (via support@mikrotik.com or, better, via the servicedesk web interface. The statement regarding availability of direct support only within 14 days from purchase is there mostly to avoid hundreds of newbie questions per day; on the other hand, the local distributor and trainer should have raised your question with Mikrotik and have it answered for you - the idea is that they can answer newbie questions on their own and only forward the negligible amount of more complex ones to Riga.

When the BGP VPLS interface in question is active, can you see a corresponding item in the /interface bridge port table or not?
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
Erayd
just joined
Topic Author
Posts: 9
Joined: Mon Nov 09, 2015 9:59 pm

Re: PVID for BGP VPLS interface on a bridge

Wed Feb 24, 2021 3:11 am

I'm afraid you have to open a ticket with support directly (via support@mikrotik.com or, better, via the servicedesk web interface. The statement regarding availability of direct support only within 14 days from purchase is there mostly to avoid hundreds of newbie questions per day; on the other hand, the local distributor and trainer should have raised your question with Mikrotik and have it answered for you - the idea is that they can answer newbie questions on their own and only forward the negligible amount of more complex ones to Riga.
Gotcha - thanks; I will log a ticket if this thread doesn't look like finding a solution, and post the outcome here.

When the BGP VPLS interface in question is active, can you see a corresponding item in the /interface bridge port table or not?
Yes. A dynamic entry for the VPLS interface is added here.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1980
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Krugersdorp (Home town of Brad Binder)
Contact:

Re: PVID for BGP VPLS interface on a bridge

Wed Feb 24, 2021 10:08 am

Off the bat, have not tested it, etc. possible solutions might be:

1. Assign Vlans to a VRF and use the VRF, or maybe
2. In bridge port, you can select interface called "dynamic" and assign pvid there
MTCNA, MTCTCE, MTCRE & MTCINE
 
sindy
Forum Guru
Forum Guru
Posts: 6931
Joined: Mon Dec 04, 2017 9:19 pm

Re: PVID for BGP VPLS interface on a bridge

Wed Feb 24, 2021 1:09 pm

I'm afraid it came to nobody's mind that a single bridge could host multiple customers' bgp-vpls tunnels and hence VLAN tag manipulation would be required on the port of the bridge to which the tunnel is connected, hence the pvid is not part of the /interface vpls bgp configuration. The designers probably expected VLAN tag manipulation to happen at edge ports, not tunnel ones.

So as you apparently cannot accommodate to that concept, try to unset the bridge item on the /interface vpls bgp row, which will make that dynamic entry disappear. Then, add an /interface bridge port row manually, with the pvid you need. It may not be possible at all - the name of the tunnel may not be offered as an interface name to add as a bridge port. Even if it is possible, I'd assume that once the tunnel disappears and re-appears, the /interface bridge port row will say interface=*some-hex-number and the traffic will not flow to/from the tunnel, so you would need a script tracking the changes and updating the /interface bridge port list accordingly. But first check that it actually works - PPP BCP adds L2 tunnels as bridge ports dynamically as well, but vlan-filtering doesn't work at all on these ports (I don't remember whether it's just that tagged frames are not received from the tunnels or something worse).

If the bgp vpls tunnel cannot be added as a bridge port this way, you have to keep using your interconnected bridges, and maybe use /interface bridge filter rules to prevent the bad things listed at the "don't do this" page from happening (e.g. not allow STP BPDUs to leak through the /interface vlan to the main bridge). And convince the developers that your use case is so common that it makes sense to implement the corresponding handling.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.

Who is online

Users browsing this forum: accarda, anav, gotsprings, grumpazoid, mkx, sindy and 204 guests