Community discussions

MikroTik App
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

One IP per VLAN

Thu Apr 29, 2021 6:15 pm

Does anyone know a way to run one dhcp server per vlan but have all the vlans bridged together?
I'm trying hand out one IP per vlan for customer hard wire connections at a venue. I dont want to
subnet the range I would prefer to just bridge it becasue sometimes customers have a need for a few
IP's for there equipment.

Currently we just have one vlan and when a customer has there equipment connected we advance the DHCP pool
to allow them to pull the IP then lock the lease in.

I looked into DHCP Client ID but not all of our switches are Layer3.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: One IP per VLAN

Thu Apr 29, 2021 6:32 pm

Not sure what you mean, you could create 500 vlans and setup a dhcp server for each one IP pool of one or how many per vlan, and have that all bridged.
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

Re: One IP per VLAN

Thu Apr 29, 2021 6:34 pm

DHCP Servers go red and state Cannot run on a slave interface as soon as there put in a bridge.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: One IP per VLAN

Thu Apr 29, 2021 6:35 pm

????? what is your version of software?
Also post the current config
/export hide-sensitive file=anynameyouwish
 
User avatar
rextended
Forum Guru
Forum Guru
Posts: 11967
Joined: Tue Feb 25, 2014 12:49 pm
Location: Italy
Contact:

Re: One IP per VLAN

Thu Apr 29, 2021 6:40 pm

Not sure what you mean, you could create 500 vlans and setup a dhcp server for each one IP pool of one or how many per vlan, and have that all bridged.
😱
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

Re: One IP per VLAN

Thu Apr 29, 2021 7:00 pm

I understand bridging all the vlans together is the problem. I cant wrap my head around a way to run dhcp out on only a vlan interface but allow the traffic bridged on the router.
You do not have the required permissions to view the files attached to this post.
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: One IP per VLAN

Thu Apr 29, 2021 7:19 pm

Why separate VLANs? If you are using one subnet you can only have one DHCP server serving it, there are other ways of isolating clients within layer 2 networks e.g. bridge filtering, port isolation.
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

Re: One IP per VLAN

Thu Apr 29, 2021 7:23 pm

We want to control what IP gets handed out by what vlan the switch port is in.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18958
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: One IP per VLAN

Thu Apr 29, 2021 7:36 pm

Not sure what you mean, you could create 500 vlans and setup a dhcp server for each one IP pool of one or how many per vlan, and have that all bridged.
😱
Le dita sono stanche solo pensando al carico di lavoro

Just trying to understand the requirements without solutions in mind so that a deisgn of a config can be built to match the requirements
How many customers, what is the concurrent usage expected (load). How many switches? Do you have a switch port per vlan aka customer available?
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

Re: One IP per VLAN

Thu Apr 29, 2021 8:19 pm

During the main event 150ish customers order ethernet lines
We have a public /24 that we use just for these customers.
68 Switches - HP / Ubiquiti / Mikrotik SWOS and ROS

These switches are all Fiber linked they range from little Mikrotik 5 port SWOS to 48 Port HP and Ubiquiti.
Access points are also run from most of these switches for the HotSpot. When a customer signs up for an
ethernet hookup I find the switch I know that will feed them remote in pick a port and make sure its in the
VLAN for our /24 range. Some cables are already connected to the switch if there permanent runs but most
are temporary for the events.

Issues we have are customer shows up and connect a switch instead of a router to the line we installed and
they pull a public IP for each of there devices. Some times a port gets left in the public vlan and anyone can
plug into a permanent run and get free internet.

Using a vlan for each customer seems to be the cleanest / easiest solution for us. But not wanting to subnet
the range is the problem.
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: One IP per VLAN

Thu Apr 29, 2021 8:24 pm

We want to control what IP gets handed out by what vlan the switch port is in.
That is not what VLANs are intended for. If you have multiple clients sharing the same subnet and want to assign an IP address based on switch port, rather than MAC address (so you do not have to know what the client equipment MAC address is), the usual method is for the switch to include Option 82 data in the DHCP request to identify the port and only permit one address per port to acquire an address.
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

Re: One IP per VLAN

Fri Apr 30, 2021 12:17 am

I understand that is not what VLAN's are intended for. As I stated in my first post not all our switches
are layer 3 and using Option 82 would require allot of configuration and keeping track of ports already
configured so we can pick it off on the DHCP server.

The network changes monthly with shows moving in and out. A fiber cable could be pulled out of a
manhole and connected to a ticket booth in the middle of a field one month to a drive in movie screen
using it the next Basically trying to figure out a simple way to use ethernet cables as circuits where we
can control everything on them at the router. And VLANs fit that description except provision the IP on
them while bridged..
 
mikeeg02
Member Candidate
Member Candidate
Posts: 162
Joined: Fri Mar 30, 2018 2:28 am
Location: Pennsylvania

Re: One IP per VLAN

Fri Apr 30, 2021 5:53 am

If youre running a dhcp server on each vlan, and they are all hosted on one port, meaning it's feeding your backhaul, or core switch network, why do you want to or feel you need to bridge the vlans?

This device should be hosting the gateway routes and dhcp service, at this point it seems like it's a routing decision because the separate vlans are on separate subnets anyways?

What am I missing?
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

Re: One IP per VLAN

Wed May 05, 2021 4:06 am

I looked at DHCP option 82 again and by enabling DHCP Snooping and Add DHCP Option 82 on a bridge and adding the VLAN's to the bridge running a DHCP server on the bridge I see Agent Circuit ID and Agent Remote ID are populated with the name of the interface and Router identity and ether port on the DHCP Leases. This would solve my problem except those are Read Only fields and does not look like you can assign a specific IP based on those fields. So what would be the point of using Option 82 to assign an IP ?
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: One IP per VLAN

Wed May 05, 2021 4:59 pm

It appears the Mikrotik DHCP server implementation is not up to using the option 82 information, despite elsewhere being able to add the option to bridged (using DHCP snooping) and routed (using DHCP relay) traffic - you could use a more capable DHCP server to handle the requests directly, or a RADIUS server to process the requests for the Mikrotik DHCP server.

Alternatively, going back to your multiple VLAN approach, rather than bridging them together you may be able to use the same address on each VLAN interface with proxy-arp to handle the overlapping subnet, it may also need DHCP server add-arp=yes
 
wavespan
newbie
Topic Author
Posts: 37
Joined: Sat Mar 21, 2009 9:05 am
Location: Springfield, MA - USA

Re: One IP per VLAN

Thu May 06, 2021 12:41 am

Seems like it should not be a huge deal for Mikrotik to add the ability to assign an IP based on any one or all matching fields in a static lease entry?
Would be nice to keep everything self contained and not have to rely on external servers.
I started to mess around with radius and I see all the info I need on the debug just got to customize it to match the Agent Remote ID. Such a PITA!

Who is online

Users browsing this forum: Ahrefs [Bot], Bing [Bot], itamx and 97 guests