Hello,
I have a CRS125-24G-1S which is offloading VLANs to the switch chip which are trunked from a central router, but I cannot figure out how to setup a management IP.
The VLAN for management is 40 (also being used for MikroTik APs and other network device management)
Any advice is appreciated!
# feb/11/1970 18:05:53 by RouterOS 6.47
# software id = 0000-0000
#
# model = CRS125-24G-1S
# serial number = 000000000000
/interface bridge
add admin-mac=00:00:00:00:00:00 auto-mac=no comment=defconf name=bridge
/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik
/interface bridge port
add bridge=bridge comment=defconf interface=ether1
add bridge=bridge comment=defconf interface=ether2
add bridge=bridge comment=defconf interface=ether3
add bridge=bridge comment=defconf interface=ether4
add bridge=bridge comment=defconf interface=ether5
add bridge=bridge comment=defconf interface=ether6
add bridge=bridge comment=defconf interface=ether7
add bridge=bridge comment=defconf interface=ether8
add bridge=bridge comment=defconf interface=ether9
add bridge=bridge comment=defconf interface=ether10
add bridge=bridge comment=defconf interface=ether11
add bridge=bridge comment=defconf interface=ether12
add bridge=bridge comment=defconf interface=ether13
add bridge=bridge comment=defconf interface=ether14
add bridge=bridge comment=defconf interface=ether15
add bridge=bridge comment=defconf interface=ether16
add bridge=bridge comment=defconf interface=ether17
add bridge=bridge comment=defconf interface=ether18
add bridge=bridge comment=defconf interface=ether19
add bridge=bridge comment=defconf interface=ether20
add bridge=bridge comment=defconf interface=ether21
add bridge=bridge comment=defconf interface=ether22
add bridge=bridge comment=defconf interface=ether23
add bridge=bridge comment=defconf interface=ether24
add bridge=bridge comment=defconf interface=sfp1
/interface ethernet switch egress-vlan-tag
add tagged-ports=ether2,ether8,ether10,ether20 vlan-id=30
add tagged-ports=ether2,ether8,ether10,ether20 vlan-id=50
add tagged-ports=ether2,ether4,ether20 vlan-id=20
add tagged-ports=ether2,ether8,ether10,ether20 vlan-id=40
add tagged-ports=ether2,ether8,ether10,ether20 vlan-id=60
add tagged-ports=ether2,ether4,ether20 vlan-id=10
/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=30 ports=ether18,ether13,ether22
add customer-vid=0 new-customer-vid=50 ports=ether16
/interface ethernet switch vlan
add ports=ether2,ether8,ether10,ether13,ether18,ether20,ether22 vlan-id=30
add ports=ether2,ether8,ether10,ether16,ether20 vlan-id=50
add ports=ether2,ether4,ether20 vlan-id=20
add ports=ether2,ether8,ether10,ether20 vlan-id=40
add ports=ether2,ether8,ether10,ether20 vlan-id=60
add ports=ether2,ether4,ether20 vlan-id=10
/ip address
add address=192.168.88.1/24 comment=defconf interface=bridge network=\
192.168.88.0
Re: CRS VLAN / Management IP
Delete the IP address from the bridge and add something like:
I also add the equivalent of this (presuming ether2,4,8,10,20 are trunk ports):
Make sure you do that one in Safe mode though, as it's easy to lock yourself out!
Code: Select all
/interface vlan add interface=bridge name=vlan40 vlan-id=40
/ip address add address=192.168.88.1/24 interface=vlan40
Code: Select all
/interface ethernet switch set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports=ether2,ether4,ether8,ether10,ether20 forward-unknown-vlan=no unknown-vlan-lookup-mode=ivl
-
-
jcbhltz909
newbie
- Posts: 35
- Joined:
Re: CRS VLAN / Management IP
Thanks for the reply - however this is not working.
The reason for hardware offload is that the CRS cannot handle 1Gbps tagging/untagging without it. Adding a VLAN to the bridge, so far as I know, will cause all hardware offloading to be disabled.
The reason for hardware offload is that the CRS cannot handle 1Gbps tagging/untagging without it. Adding a VLAN to the bridge, so far as I know, will cause all hardware offloading to be disabled.
Re: CRS VLAN / Management IP
What is not working? And what does "not working" mean anyway?Thanks for the reply - however this is not working.
Indeed.The reason for hardware offload is that the CRS cannot handle 1Gbps tagging/untagging without it.
You know wrong then. Have you actually tried it? I have one of these in service with multiple VLANs going through the switch chip, with hardware offload, and a management IP address on one of the VLANs done exactly as I showed above.Adding a VLAN to the bridge, so far as I know, will cause all hardware offloading to be disabled.
Re: CRS VLAN / Management IP
Enabling bridge VLAN filtering does, not adding VLAN interface on top of the bridge.Adding a VLAN to the bridge, so far as I know, will cause all hardware offloading to be disabled.
In addition to creating interface vlan, switch1-cpu has to be added as a tagged member of management vlan:
both in
/interface ethernet switch vlan
and
/interface ethernet switch egress-vlan-tag
sections.
Who is online
Users browsing this forum: Bing [Bot], Google [Bot], jrypacek, majestic, rootbodnar, viacheslav1988 and 192 guests