Community discussions

MikroTik App
 
leopardus2
Member Candidate
Member Candidate
Topic Author
Posts: 101
Joined: Thu Oct 13, 2016 5:12 pm

separate trunks CSS610 <-> RB3011 weirdness

Tue Jan 12, 2021 10:49 pm

I have found that for some unknown reason, bonding between my CSS610 and my RB3011 will cut the upload band in half or worse.
Since I am a bit tired of troubleshooting CSS610 bugs I decided to replace bonding with per-VLAN trunks, i.e. I decided to set up
two separate 1G trunks, in one trunk I am sending VLAN 88 and VLAN 166 and in the other trunk VLAN7.

To my dismay, this very simple configuration doesn't work properly: there is no ingress traffic in VLAN7, while the other trunk works just fine.
I am suspecting yet another CSS610 bug.... below the relevant RB3011 config, the CSS610 has the two ports in trunk mode (default).
Please note that a separate all-vlan trunk, on ether7, works just fine....
# model = RB3011UiAS
# serial number = B8950C9801E6
/interface bridge
add admin-mac=48:8F:5A:8A:27:66 auto-mac=no name=bridge1 vlan-filtering=yes
/interface ethernet
set [ find default-name=ether1 ] comment="do not enable, MAC stolen for bridge use" disabled=yes
/interface vlan
add interface=bridge1 name=VLAN7 vlan-id=7
add interface=bridge1 name=VLAN88 vlan-id=88
add interface=bridge1 name=VLAN166 vlan-id=166
/interface list
add name=WAN
add name=LAN
add name=VPN
/ip vrf
add list=all name=main
/port
set 1 name=usb2
/routing table
add fib name=vpn
/interface bridge port
add bridge=bridge1 interface=ether2 pvid=166
add bridge=bridge1 interface=ether7
add bridge=bridge1 interface=ether5
add bridge=bridge1 interface=ether8
/ip neighbor discovery-settings
set discover-interface-list=none
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether5,ether7 untagged=ether2 vlan-ids=166
add bridge=bridge1 tagged=bridge1,ether7,ether5 vlan-ids=88
add bridge=bridge1 tagged=bridge1,ether7,ether8 vlan-ids=7
/interface list member
add list=WAN
add comment=defconf interface=ether1 list=LAN
add interface=ether2 list=LAN
add interface=ether3 list=LAN
add interface=ether4 list=LAN
add interface=ether5 list=LAN
add interface=ether6 list=LAN
add interface=ether7 list=LAN
add interface=ether8 list=LAN
add interface=ether9 list=LAN
add interface=ether10 list=LAN
add list=VPN
add list=LAN
add list=LAN
add interface=VLAN166 list=LAN
add interface=VLAN7 list=LAN
add interface=VLAN88 list=LAN
add interface=bridge1 list=LAN
/ip address
add address=192.168.1.5/24 interface=ether1 network=192.168.1.0
add address=192.168.69.253/24 interface=wireguard1 network=192.168.69.0
add address=192.168.166.254/24 interface=VLAN166 network=192.168.166.0
add address=192.168.7.254/24 interface=VLAN7 network=192.168.7.0
add address=192.168.88.254/24 interface=VLAN88 network=192.168.88.0
/ip dns
set servers=8.8.8.8
 
sindy
Forum Guru
Forum Guru
Posts: 6660
Joined: Mon Dec 04, 2017 9:19 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Tue Jan 12, 2021 11:11 pm

the CSS610 has the two ports in trunk mode (default).
At the CSS610, is VLAN 7 also permitted only on the trunk port connected to ether8 of the 3011, and VLANs 88 and 166 only on the trunk port connected to ether5 of the 3011?

Please note that a separate all-vlan trunk, on ether7, works just fine....
Is the ether7 of the 3011 connected to the CSS610 or somewhere else?
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
sindy
Forum Guru
Forum Guru
Posts: 6660
Joined: Mon Dec 04, 2017 9:19 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Tue Jan 12, 2021 11:18 pm

Actually I spoke too fast, the explanation is at the CSS610 manual page:

The main differences compared to CSS3xx series switches are:
  • unsupported Independent VLAN Learning;


So the switch uses MAC addresses alone to populate the "MAC to port" mapping table, ignoring the VLAN IDs. Hence it is not able to send frames to the MAC address of the 3011 via different ports depending on VLAN ID. So it learns the MAC of the 3011 to be accessible via the 88+166 port, and then sends also frames with VID 7 through there, and the 3011 drops them as VLAN 7 is not allowed on that port at its end.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
leopardus2
Member Candidate
Member Candidate
Topic Author
Posts: 101
Joined: Thu Oct 13, 2016 5:12 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Tue Jan 12, 2021 11:30 pm

the CSS610 has the two ports in trunk mode (default).
At the CSS610, is VLAN 7 also permitted only on the trunk port connected to ether8 of the 3011, and VLANs 88 and 166 only on the trunk port connected to ether5 of the 3011?
correct. I wanted to have two separate physical paths for the two vlan groups...
 
leopardus2
Member Candidate
Member Candidate
Topic Author
Posts: 101
Joined: Thu Oct 13, 2016 5:12 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Tue Jan 12, 2021 11:31 pm

Actually I spoke too fast, the explanation is at the CSS610 manual page:

The main differences compared to CSS3xx series switches are:
  • unsupported Independent VLAN Learning;


So the switch uses MAC addresses alone to populate the "MAC to port" mapping table, ignoring the VLAN IDs. Hence it is not able to send frames to the MAC address of the 3011 via different ports depending on VLAN ID. So it learns the MAC of the 3011 to be accessible via the 88+166 port, and then sends also frames with VID 7 through there, and the 3011 drops them as VLAN 7 is not allowed on that port at its end.
This is very unfortunate....
 
leopardus2
Member Candidate
Member Candidate
Topic Author
Posts: 101
Joined: Thu Oct 13, 2016 5:12 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Wed Jan 13, 2021 1:22 pm

OK, so this thing called "SWOS lite" is ridiculous. A great switch with a terrible OS.
I will be replacing the CSS610 with an RB4011 and will retry the bonding thing with a "real" OS.
 
sindy
Forum Guru
Forum Guru
Posts: 6660
Joined: Mon Dec 04, 2017 9:19 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Wed Jan 13, 2021 1:48 pm

I'm not sure its a SWOS limitation as it doesn't exist on CRS3xx, and as the independent VLAN learning needs to be supported by the switch chip itself. So I guess it's rather the target price tag (a 10 Gbit/s switch for less than $100) which has led to choice of a switch chip lacking that capability.
Instead of writing novels, post /export hide-sensitive. Use find&replace in your favourite text editor to systematically replace all occurrences of each public IP address potentially identifying you by a distinctive pattern such as my.public.ip.1.
 
leopardus2
Member Candidate
Member Candidate
Topic Author
Posts: 101
Joined: Thu Oct 13, 2016 5:12 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Wed Jan 13, 2021 2:06 pm

it does not run SWOS. it runs "SWOS lite". I am not sure if the limitation is in hardware but seems quite a serious one for a switch considering
that for $40 more you get a full-fledged CSS326 with more ports and more pps
 
leopardus2
Member Candidate
Member Candidate
Topic Author
Posts: 101
Joined: Thu Oct 13, 2016 5:12 pm

Re: separate trunks CSS610 <-> RB3011 weirdness

Fri Jan 15, 2021 1:18 am

I have replaced the CSS610 with an RB4011 and the bonding now behaves properly, and speed is proper.
I think the CSS610 is a flawed product and recommend to stay away from it for the time being.

Who is online

Users browsing this forum: Baidu [Spider], Google [Bot], Majestic-12 [Bot] and 214 guests