Community discussions

MikroTik App
 
Zacharias
Forum Guru
Forum Guru
Topic Author
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

RB4011 InterVLAN Routing

Thu Apr 01, 2021 9:42 pm

Hey all,
In a test lab i configured an RB4011 for interVLAN routing as flollows:
/interface vlan
add interface=sfp-sfpplus1 name=Vlan-10 vlan-id=10
add interface=sfp-sfpplus1 name=Vlan-11 vlan-id=11
add interface=sfp-sfpplus1 name=Vlan-12 vlan-id=12
add interface=sfp-sfpplus1 name=Vlan-13 vlan-id=13
add interface=sfp-sfpplus1 name=Vlan-14 vlan-id=14

/interface list
add name=VLAN10

/ip pool
add name=Pool-Vlan10 ranges=192.168.10.50-192.168.10.254
add name=Pool-Vlan11 ranges=192.168.11.50-192.168.11.254
add name=Pool-Vlan12 ranges=192.168.12.50-192.168.12.254
add name=Pool-Vlan13 ranges=192.168.13.50-192.168.13.254
add name=Pool-Vlan14 ranges=192.168.14.50-192.168.14.254

/ip dhcp-server
add address-pool=Pool-Vlan10 disabled=no interface=Vlan-10 lease-time=8h \
    name=DHCP-Vlan10
add address-pool=Pool-Vlan11 disabled=no interface=Vlan-11 lease-time=8h \
    name=DHCP-Vlan11
add address-pool=Pool-Vlan12 disabled=no interface=Vlan-12 lease-time=8h \
    name=DHCP-Vlan12
add address-pool=Pool-Vlan13 disabled=no interface=Vlan-13 lease-time=8h \
    name=DHCP-Vlan13
add address-pool=Pool-Vlan14 disabled=no interface=Vlan-14 lease-time=8h \
    name=DHCP-Vlan14
    
    /ip dhcp-server network
add address=192.168.10.0/24 dns-server=192.168.10.1 gateway=192.168.10.1
add address=192.168.11.0/24 dns-server=192.168.11.1 gateway=192.168.11.1
add address=192.168.12.0/24 dns-server=192.168.12.1 gateway=192.168.12.1
add address=192.168.13.0/24 dns-server=192.168.13.1 gateway=192.168.13.1
add address=192.168.14.0/24 dns-server=192.168.14.1 gateway=192.168.14.1

/ip address
add address=192.168.10.1/24 interface=Vlan-10 network=192.168.10.0
add address=192.168.11.1/24 interface=Vlan-11 network=192.168.11.0
add address=192.168.12.1/24 interface=Vlan-12 network=192.168.12.0
add address=192.168.13.1/24 interface=Vlan-13 network=192.168.13.0
add address=192.168.14.1/24 interface=Vlan-14 network=192.168.14.0

Then on a CRS 328 using Bridge Vlan Filtering (connected with RB4011 through SPF1):
/interface bridge vlan
add bridge=Bridge tagged=Bridge,sfp-sfpplus1 vlan-ids=10

/interface vlan
add interface=Bridge name=Vlan-10 vlan-id=10

/ip address
add address=192.168.10.2/24 interface=Vlan-10 network=192.168.10.0

/interface bridge port
add bridge=Bridge interface=ether24 pvid=10
add bridge=Bridge interface=sfp-sfpplus1

/interface bridge
add name=Bridge vlan-filtering=yes
So, its simply an RB4011 connected to a CRS 328 using as Trunk port the SFP1 port and my computer connected to ether24 port that is configured as an access port... VLAN 10 is the management VLAN...
As soon as i made this simple setup, altough i ve worked in the same way with other Mikrotik models and on GNS3 as well, i could not get an IP address on my computer on VLAN 10... Both RB4011 and CRS328 where programmed after a reset to no defaults... I checked both logs, i checked the configuration on both devices, everything was normal... So i just rebooted the RB4011, only, after the reboot on RB4011 everything was working normally as it should... nothing else was changed.. just a reboot on the router's side...
I kept working on both devices for a couple of days, the problem did not appear again... the devices were rebooted multiple times, shutdown and power on, no problems...
Until today, i just powered on both devices at the same time and there is the problem again... no IP through DHCP server on my computer, RB4011 was not visible on Winbox through neighbors on VLAN10.. no ping to the router through CRS... again, just a reboot on RB4011 solved the problem... i then kept working for a few hours on both devices and everything worked as it should...
Both devices are updated and run version 6.48.1... The SFP is a MaxLink ML Dacs+05 ...
No firewall is configured on RB4011... I ve posted the basic parts of my code just to make things easier... on CRS there are some access ports configured for the other VLANs etc but nothing more than that...
Anyone had any similar situtaion ?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB4011 InterVLAN Routing

Sun Apr 04, 2021 9:54 pm

When you power on both devices and nothing much works ... is the DAC link up&running? You should be able to check that if you configure management computer with static address from 192.168.10.x/24 subnet and connect to ether24 of CRS. You may want to configure a management port on RB4011 in similar fashion to be able to check it from the RB4011's side as well (you may have to ditch the no-bridge config though depending on how you want to design your management access). And check logs on both devices as well.
Mikrotiks are notoriously sensitive about SFP+ gear and some devices (either DACs or SFP+ modules) are not 100% compatible. The worst thing is that compatibility list is different for different devices ...

I don't think anything is wrong with configuration though.
 
Zacharias
Forum Guru
Forum Guru
Topic Author
Posts: 3459
Joined: Tue Dec 12, 2017 12:58 am
Location: Greece

Re: RB4011 InterVLAN Routing

Sun Apr 04, 2021 10:19 pm

Thanks @mkx...
Both SFP leds on RB4011 and CRS where on...
I dont remember seeing anything in the logs, but ofcorse i might missed something...
This has happened 2 random times out of about 20 times i ve powered on the devices and worked with this particular lab... SFPs is what it came to my mind as well but am not really sure...
In any case i ve made a Bridge with the rest of the ports included for an easy access to the router in case i need to...

Would there be any reason to use Bridge VLAN filtering on the RB4011 ?
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: RB4011 InterVLAN Routing

Sun Apr 04, 2021 11:44 pm

Would there be any reason to use Bridge VLAN filtering on the RB4011 ?

Only if RB4011 was not simply a router-on-a-stick ...

Who is online

Users browsing this forum: gigabyte091, Google [Bot], GoogleOther [Bot], Greyhard, itsbenlol and 89 guests