Community discussions

MikroTik App
 
DottorT86
newbie
Topic Author
Posts: 36
Joined: Fri Aug 09, 2019 7:51 am

DHCP Client and RoMON on CRS326 using post 6.41 VLAN switch configuration

Tue Jun 15, 2021 10:19 am

Hello everyone,
a few days ago I decided to take full advantage of the switch chip of my CRS326-24G-2S + RM by configuring the VLANs with the new method (after ROS 6.41 version).
Following some online guides I configured almost everything but for now I can only access with MAC-Winbox. With the old configuration I had configured a dhcp-client on the bridge of the management VLAN, so the CRS326 got an IP address, NTP, routes etc. from dhcp server.
In addition with the old configuration I had also configured the RoMON on the management VLAN.
I made several attempts, I also searched online but could not configure DHCP Client and RoMON using the "new way".
This is my setup:
# jan/02/1970 20:12:56 by RouterOS 6.48.3
#
# model = CRS326-24G-2S+

/interface bridge
add admin-mac=xx:xx:xx:xx:xx:xx auto-mac=no name=bridge vlan-filtering=yes

/interface vlan
add interface=bridge name=vlan_mgmt vlan-id=330

/interface wireless security-profiles
set [ find default=yes ] supplicant-identity=MikroTik

/ip hotspot profile
set [ find default=yes ] html-directory=hotspot

/interface bridge port
add bridge=bridge disabled=yes interface=ether1
add bridge=bridge disabled=yes interface=ether2
add bridge=bridge disabled=yes interface=ether3
add bridge=bridge disabled=yes interface=ether4
add bridge=bridge disabled=yes interface=ether5
add bridge=bridge disabled=yes interface=ether6
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether7 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether8 pvid=888
add bridge=bridge interface=ether9 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether10 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether11 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether12 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether13 pvid=330
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether14 pvid=330
add bridge=bridge frame-types=admit-only-vlan-tagged interface=ether15 trusted=yes
add bridge=bridge frame-types=admit-only-vlan-tagged interface=ether16 trusted=yes
add bridge=bridge frame-types=admit-only-vlan-tagged interface=ether17 trusted=yes
add bridge=bridge disabled=yes interface=ether18
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether19 pvid=1010
add bridge=bridge disabled=yes interface=ether20
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether21 pvid=1010
add bridge=bridge disabled=yes interface=ether22
add bridge=bridge frame-types=admit-only-untagged-and-priority-tagged interface=ether23 pvid=1010
add bridge=bridge disabled=yes interface=ether24
add bridge=bridge interface=sfp-sfpplus1 pvid=330
add bridge=bridge disabled=yes interface=sfp-sfpplus2

/ip settings
set rp-filter=strict tcp-syncookies=yes

/interface bridge vlan
add bridge=bridge comment=mgmt tagged=ether15,ether16,ether17 untagged=ether7,ether9,ether10,ether11,ether12,ether13,ether14,sfp-sfpplus1,bridge vlan-ids=330
add bridge=bridge comment=NVR tagged=ether17,ether16 untagged=ether8 vlan-ids=888
add bridge=bridge comment=ARKTECH tagged=ether17,sfp-sfpplus1 untagged=ether23,ether19,ether21 vlan-ids=1010
add bridge=bridge comment=Guest tagged=ether17,ether15,ether16 vlan-ids=333
add bridge=bridge comment=Service tagged=ether17,ether15,ether16 vlan-ids=339

/ip firewall service-port
set ftp disabled=yes
set tftp disabled=yes
set irc disabled=yes
set h323 disabled=yes
set sip disabled=yes
set pptp disabled=yes
set udplite disabled=yes
set dccp disabled=yes
set sctp disabled=yes

/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set ssh disabled=yes
set api disabled=yes
set api-ssl disabled=yes

/system routerboard settings
set boot-os=router-os

/tool bandwidth-server
set enabled=no

/tool mac-server
set allowed-interface-list=none

/tool mac-server ping
set enabled=no
 
tdw
Forum Guru
Forum Guru
Posts: 1841
Joined: Sat May 05, 2018 11:55 am

Re: DHCP Client and RoMON on CRS326 using post 6.41 VLAN switch configuration  [SOLVED]

Tue Jun 15, 2021 1:14 pm

You have omitted to include the bridge-to-CPU interface under /interface bridge vlan so packets are unable to pass from the switch-like role of the bridge to any services provided by the CPU, viewtopic.php?f=2&t=173692 is a good description of bridges on Mikrotiks.

For your configuration:
add bridge=bridge comment=mgmt tagged=bridge,ether15,ether16,ether17 untagged=ether7,ether9,ether10,ether11,ether12,ether13,ether14,sfp-sfpplus1,bridge vlan-ids=330

Once that has been done you can add an IP address & default route manually, or with a DHCP client.

The untagged= settings are also unnecessary, if omitted they will be added dynamically based on the port pvid= settings, and it prevents you manually creating a mismatch leading to communication problems.
 
DottorT86
newbie
Topic Author
Posts: 36
Joined: Fri Aug 09, 2019 7:51 am

Re: DHCP Client and RoMON on CRS326 using post 6.41 VLAN switch configuration

Wed Jun 16, 2021 1:07 am

Thank you so much for your answer! Problem solved!

Who is online

Users browsing this forum: ameliask, Bing [Bot], Google [Bot], miks and 63 guests