Community discussions

MikroTik App
 
mada3k
Member
Member
Topic Author
Posts: 366
Joined: Mon Jul 13, 2015 10:53 am
Location: Sweden

Correct way of switch in RouterOS

Sat Aug 22, 2020 6:49 pm

Hi,

I have a CRS112-8P-4S at home and it's a great little PoE-switch. I'm using the setup as done in Example 1
https://wiki.mikrotik.com/wiki/Manual:C ... mples#VLAN

However, I find the configuration a bit... double and redundant..
/interface ethernet switch egress-vlan-tag
add tagged-ports=switch1-cpu,ether1,ether2,ether3,ether4,sfp10,sfp9 vlan-id=50
add tagged-ports=ether1,ether2,ether3,ether4,sfp10,sfp9 vlan-id=55
add tagged-ports=switch1-cpu,ether1,ether2,ether3,ether4,sfp10,sfp9 vlan-id=59

/interface ethernet switch ingress-vlan-translation
add customer-vid=0 new-customer-vid=50 ports=ether5
add customer-vid=0 new-customer-vid=50 ports=ether6
add customer-vid=0 new-customer-vid=50 ports=ether7
add customer-vid=0 new-customer-vid=50 ports=ether8
add customer-vid=0 new-customer-vid=50 ports=sfp11
add customer-vid=0 new-customer-vid=50 ports=sfp12

/interface ethernet switch vlan
add ports=switch1-cpu,ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,sfp10,sfp9,sfp12,sfp11 vlan-id=50
add ports=ether1,ether2,ether3,ether4,sfp10,sfp9 vlan-id=55
add ports=switch1-cpu,ether1,ether2,ether3,ether4,sfp10,sfp9 vlan-id=59

/interface bridge
add admin-mac=XXXXXXXXXXXXXXX auto-mac=no igmp-snooping=yes name=bridge1

/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether2
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether3
add bridge=bridge1 edge=yes frame-types=admit-only-untagged-and-priority-tagged interface=ether4 pvid=50
add bridge=bridge1 edge=yes frame-types=admit-only-untagged-and-priority-tagged interface=ether5 pvid=50
add bridge=bridge1 edge=yes frame-types=admit-only-untagged-and-priority-tagged interface=ether6 pvid=50
add bridge=bridge1 edge=yes frame-types=admit-only-untagged-and-priority-tagged interface=ether7 pvid=50
add bridge=bridge1 edge=yes frame-types=admit-only-untagged-and-priority-tagged interface=ether8 pvid=50
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp9
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp10
add bridge=bridge1 edge=yes frame-types=admit-only-untagged-and-priority-tagged interface=sfp11 pvid=50
add bridge=bridge1 edge=yes frame-types=admit-only-untagged-and-priority-tagged interface=sfp12 pvid=50

/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1,ether2,ether3,ether4,sfp9,sfp10 vlan-ids=1,51-59
add bridge=bridge1 tagged=bridge1,ether1,ether2,ether3,ether4,sfp9,sfp10 untagged=ether5,ether6,ether7,ether8,sfp11,sfp12 vlan-ids=50

/interface vlan
add interface=bridge1 name=vlan50 vlan-id=50
add interface=bridge1 name=vlan59 vlan-id=59

Do I really have to do the same under /interface bridge port and vlan?

Is there a more simple way to do this. Imagine handling several 48-ports devices on an Enterprise and doing everything twice...
CCR/CRS/hEX/wAP • Ansible • NetXMS
 
mkx
Forum Guru
Forum Guru
Posts: 5713
Joined: Thu Mar 03, 2016 10:23 pm

Re: Correct way of switch in RouterOS

Sat Aug 22, 2020 9:06 pm

Do I really have to do the same under /interface bridge port and vlan?

No. When you do VLANs under /interface ethernet switch, you should not do any VLAN stuff under /interface bridge. In your particular case all setup under /interface bridge is actually ignored because you don't have vlan-filtering=yes set on bridge1 under /interface bridge.
BR,
Metod
 
mada3k
Member
Member
Topic Author
Posts: 366
Joined: Mon Jul 13, 2015 10:53 am
Location: Sweden

Re: Correct way of switch in RouterOS

Sat Aug 22, 2020 9:42 pm

I see. VLAN50 and 59 must reach the CPU since it runs DHCP for VLAN50, and VLAN59 for management. How should the bridge setup look like then?

Something like this?
/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether2
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether3
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether4
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp9
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp10

/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1,ether2,ether3,ether4,sfp9,sfp10 vlan-ids=1-59

/interface vlan
add interface=bridge1 name=vlan50 vlan-id=50
add interface=bridge1 name=vlan59 vlan-id=59
CCR/CRS/hEX/wAP • Ansible • NetXMS
 
tdw
Forum Veteran
Forum Veteran
Posts: 760
Joined: Sat May 05, 2018 11:55 am

Re: Correct way of switch in RouterOS

Sun Aug 23, 2020 2:43 am

Not quite.
/interface bridge
add admin-mac=XXXXXXXXXXXXXXX auto-mac=no igmp-snooping=yes name=bridge1

/interface bridge port
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether1
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether2
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether3
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=ether4
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether6
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether8
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp9
add bridge=bridge1 frame-types=admit-only-vlan-tagged interface=sfp10
add bridge=bridge1 interface=sfp11
add bridge=bridge1 interface=sfp12

/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether1,ether2,ether3,ether4,sfp9,sfp10 vlan-ids=1-59


/interface vlan
add interface=bridge1 name=vlan50 vlan-id=50
add interface=bridge1 name=vlan59 vlan-id=59


and drop invalid VLANs in the switching setup
/interface ethernet switch
set drop-if-invalid-or-src-port-not-member-of-vlan-on-ports=ether1,ether2,ether3,ether4,ether5,ether6,ether7,ether8,sfp9,sfp10,sfp11,sfp12
 
erlinden
Forum Veteran
Forum Veteran
Posts: 758
Joined: Wed Jun 12, 2013 1:59 pm

Re: Correct way of switch in RouterOS

Sun Aug 23, 2020 10:17 am

You know there is a great Wiki for this switch:
https://wiki.mikrotik.com/wiki/Manual:C ... s_examples
First the problem, then the solution
 
mada3k
Member
Member
Topic Author
Posts: 366
Joined: Mon Jul 13, 2015 10:53 am
Location: Sweden

Re: Correct way of switch in RouterOS

Sun Aug 23, 2020 6:47 pm

Thanks tdw, I have now cleaned up my configuration as you gave example on. Works as good as before.
CCR/CRS/hEX/wAP • Ansible • NetXMS

Who is online

Users browsing this forum: No registered users and 144 guests