Community discussions

MikroTik App
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

RouterBoard Documentation and Mikrotik

Tue Mar 08, 2011 9:03 am

Hello,

Some history. I use mikrotik and routerboard hw from 2004 because and very good choice. Routerboard hw and routeros very stable and handy and well documented.
I have some problems in the past, and i see: mikrotik representative very aggressive in communication, and think routeros always perfect, and routerboard also..
I use these devices to backhaul and interconnect our network. Works fine. Thanks Mikrotik.

But now i want to use 750G as switch and router on my network. I need wire speed switching (1Gbit/s) good stability, and durability. 750G has a switch chip, switch chip can speak .1q vlan, etc.
I bought some devices(10+) and put to our network for environmental test. Works fine, but i found a problem at switch chip backpressure, this problem submitted to mikrotik support and under investigate (very strange communication again)

Now i want to use switch chip vlan. I found only questions on forum. Documentation found from mikrotik on new wiki (http://wiki.mikrotik.com/wiki/Switch_Chip_Features) but this documentation very imperfect not pair with any routeros version and have missing parts, and some places give wrong information.
I found documentation about rb250GS and (because same chip, and same configuration parameters) use to set 750G parameters, but some parameter can't be set because missing this feature from routeros. The switch chip can do, but i can't be set from ROS. Debugging not possible because switch chip not debug friendly.

State: i can't use 750G switch chip as a vlan aware hw switch.

Problems:
1, i can't set one port untagged traffic on a vlan
2, i can't set untagged and tagged traffic on same port.

Example undocumented setting:
vlan-header exists in interface ethernet switch port menu not documented (but works, if i set add-if-missing always set vlan 0 to non .1q packets (this is not perfect also), always-strip also work)

ROS4.16, ROS4.17
Switch cpu port not appear as separate switch port, and can't apply any setting with this port.
I think interface ethernet switch rule completely wont work. (i can't debug because i can't put mirror-source on cpu port because in 4.x this is not separate port)

ROS5.0rc11
Switch port vlan-header option not work, but now cpu is a separate device.
(example undocumented feature: independent-learning)

Any ROS:
I can't specify default vlan on a port (for untagged traffic)
I can't force vlan tagging with port own default vlan if vlan tag missing in incoming traffic.

These problems based on current 750G and 250GS capability, if any options changed may cause other problems.

Please mikrotik communicate clearly:
1, When make available same vlan features (i don't think web interface) on 750G as 250GS (hw can do it)
2, Where is a documentation on available features?

And please, if any user can have more information on switch chip vlan are welcome

Thanks
 
Jeroen1000
Member Candidate
Member Candidate
Posts: 196
Joined: Fri Feb 18, 2011 2:05 pm

Re: RouterBoard Documentation and Mikrotik

Tue Mar 08, 2011 7:59 pm

I too could use some more explanation about the switch chip in my 450G regarding VLANs. Any current plans to expand this section?
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Sat Mar 12, 2011 11:44 am

Oh, some changes happen with documentation, silently insert an example how to use utilities. Thanks!

But...
Missing information: ROS version used?
Problems:
The example is not reference. Reference: what settings what to do. Example only aid for understanding the reference.
Some features are well self referred for example vlan-header=always-strip but for example vlan-header=add-if-missing not, because what VID added to package?
Also: how to do if i don't want remove vlan header completely (remove only if come specified VID for example) ?

I have problem also with the example also: how can i reach the device? for example: device separate 3 of VLAN
VID200
VID300
VID400
and the management vlan
VID100
Ether5 is a trunk port (incoming traffic) ether2 VID200 ether3 VID300 ether4 VID400) and ether1 is also a trunk port to another device (all vlans traffic come from ether5 and generated from access ports and local we forward to the right direction) VLAN100 is a management vlan and we should manage this switch in this vlan (on port ether1 or ether5)
What relationship with these rules, vlan table, port access? anything? How to do? I try to play with rules, and the "cpu" port in rules and vlan tables but this not work.

If i get some document, i will write the howto and examples for better understanding but now we don't have any documentation only "tips"
And i also see: configuration may change in the future (5.x) but no information about that and 5.x is coming in this month.
 
Jeroen1000
Member Candidate
Member Candidate
Posts: 196
Joined: Fri Feb 18, 2011 2:05 pm

Re: RouterBoard Documentation and Mikrotik

Thu Mar 31, 2011 5:41 am

Willy, are you dutch? I would like to get in contact with you if possible.
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Thu Mar 31, 2011 9:45 am

Hello,
Some advantages:

1, I will make previous question detailed to Mikrotik, because i have configuration support, but no answer, and documentation isn't complete yet. (two weeks)
2, I spend more time with the device.
device capabilities:
(or how could be use this device)
a, device is a 5 port router if you want to use more, you may fail.
b, device could use as managed switch if you don't want manage vlan traffic
c, device could use as managed vlan switch if you use only .1q vlan on it.

(device missing capabilities) :
a, device switch chip not a real switch, this is a "hybrid" device can't use untagged and tagged(.1q) traffic on same port* (if you don't want to manage vlan on switch chip the chip forward traffic well and you able to use port untagged and tagged traffic)
b, device does not support flow control
c, does not support STP (in switch chip) (this is really bad news)
d, device does not support flow control ( 250GS have exactly same chip and support)
e, device does not support jumbo frames (250GS support it also)
f, in 4.x series you cannot make rules to switch cpu port, and you can't communicate with the switch in some configurations. (more complex to explain this, but if you understand how work vlan-header, vlan-mode and the rule table, you understand this problem also. This will changed in 5.0x . But remember: no docs and mikrotik support very silent)

*Switch logic is more different, on a real switch you can use only one vlan for untagged traffic and also can use same port many to handle tagged traffic same time.

Current situation:
a, Mikrotik support does not enough time to handle support request.
b, No documentation. only tips on wiki page. reference is missing, and some information wrong and confusing
c, 5.0x under release but this device (switch chip) broken in 5.0x (known problem)
d, device sometimes (if switched on and only powered but not connect to other device) become unavailable. if you plug ethernet on any port device not respond.
e, All problems above not related to rb750g. All devices equipped with Atheros-8316 switch chip (rb1100,rb493g...)
f, in 5.0x switch architecture will changed, but not have any documentation for now (could not to test, could not to plan...)

I do not recommend to buy this device if you want use the switch chip.
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Thu Mar 31, 2011 10:32 am

Jeroen1000: Im not dutch, but if you have questions, please do it here. If contains confidential information may contact private line (pm-s not available in forum.mikrotik.com).
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Thu Mar 31, 2011 10:38 am

Some other information:
RB750G not have backpressure problem. This is my mistake. Because i use mikrotik only environment for test i do tests with bandwidth-test. And bandwidth-test is buggy (reported to Mikrotik support) and make false data (not cpu problem).
Thanks!
 
Jeroen1000
Member Candidate
Member Candidate
Posts: 196
Joined: Fri Feb 18, 2011 2:05 pm

Re: RouterBoard Documentation and Mikrotik

Thu Mar 31, 2011 1:29 pm

I'm wondering whether we are experiencing the same issue with VLANs and reaching an IP-address on the router. I think this has to do with the /interface ethernet switch rule menu.

You list it as issue f:

"f, in 4.x series you cannot make rules to switch cpu port, and you can't communicate with the switch in some configurations. (more complex to explain this, but if you understand how work vlan-header, vlan-mode and the rule table, you understand this problem also. This will changed in 5.0x . But remember: no docs and mikrotik support very silent)"


I think you meant router instead of switch though (note the bolded word in the above text I quoted from you).

Since you have read and replied to my topic you already know what my issue (topic link)

1) Could you please explain why the CPU-port accepts traffic from ether5 (a tagged VLAN port) when it (ether5) tries to reach VLAN10 configured with ip address 192.168.0.251. VLAN10 is created on the master-port, ether3. I assume the CPU port becomes a tagged port because I've created VLAN10 on ether3?

2) As you experienced also, untagged ports (my ether2 port in VLAN10 for instance), cannot reach the CPU-port.
So I wrote a rule to allow this. Too bad it does not work :?

switch=switch1 ports=ether2 vlan-header=not-present copy-to-cpu=no redirect-to-cpu=no mirror=no new-dst-ports=cpu new-vlan-id=10


So the rule tags ether2 traffic with VLAN10 is the destination port is the CPU. The CPU does not accept this traffic.
If I understand you correctly, this is because you cannot set vlan-header=add-if-missing for the CPU port? I do not know what this vlan-header option actually does. Why doesn't the new-vlan-id option add a vlan-header? A vlan-id cannot exist without a vlan-heade, right?

The 250GS switch does not have these problems because it doesn't require to send traffic to a CPU-port. However, do you think the switch OS has access to certain parameters that are not available in ROS?

please take a look here http://forum.mikrotik.com/viewtopic.php?f=2&t=50414


Thanks for your time. You can't believe how many hours I've been trying to get this to work, and now it appears to be impossible. I certainly feel your pain!

cheers,
Jeroen
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Fri Apr 01, 2011 6:39 am

You list it as issue f:

"f, in 4.x series you cannot make rules to switch cpu port, and you can't communicate with the switch in some configurations. (more complex to explain this, but if you understand how work vlan-header, vlan-mode and the rule table, you understand this problem also. This will changed in 5.0x . But remember: no docs and mikrotik support very silent)"

I think you meant router instead of switch though (note the bolded word in the above text I quoted from you).
Yes, want write router, or device instead

ROS Atheros8316 under development. And mikrotik has conception how to implement but this is not clear and don't want discuss with users. All information bellow may false, based on experience:

1, rule and vlan table will not work alone, if you specify vlan in rules.
2, vlan-header is a egress "rule" vlan-mode "maybe" ingress
3, add-if-missing undocumented. "add-if-missing" what id added to traffic come from rule table (you don't specify default tag elsewhere) and position opponent port. if you want to communicate an access port (untagged vlan) and port with same tagged vlan you will make 2 or 3 configuration.
I, if vlan-mode is restrictive (check, secure) you will make correct vlan table if not restrictive, this configuration is optional
II, specify 2 rules one rule for "tagging" untagged incoming traffic (based on vlan tag presence) and vlan set "forwarding" rules
add new-dst-ports=ether5 new-vlan-id=200 ports=ether2 switch=switch1 vlan-header=not-present
second specify a alternate rule (this is may not easy if you have more than one trunk(.1q vlan ) port with different vlans on the "switch")
add new-dst-ports=ether2 ports=ether5 switch=switch1 vlan-header=present vlan-id=200
(these examples from wiki)
Only two rules make accessible these ports for each other.
But new-vlan-id not set vlan tag on packet only set a parameter on a fib table (this is very speculative sorry)
III, set vlan-header option if you want untagged specify always-strip if the port tagged port specify add-if-missing (add-if-missing reads last entered VID from fib table what i wrote above) and tag packet with this VID but only when left the port (left the switch)


And now. If you understand everything the answer is easy
1, You can communicate 1.q ROS interface on ether3 because switch chip forward the traffic to all port if you don't restrict this with vlan mode and tagged traffic reach the ROS interface. (cpu port not configurable, but maybe in vlan-mode=fallback vlan-header=leave-as-is as default and in this situation you receive tagged traffic from ether5 and this is not need "add-if-missing" or "always-strip" setting on cpu-port) (second information ether3 NOT the cpu port of the switch in this situation! this is a config administrative, this is a "string" to configure other things.)
2, And if you follow logic you not able to communicate cpu port via untagged port because untagged port has vlan-header=always-strip (which is good) but you can't set vlan-header=add-if-missing on cpu port, and packet leave cpu port as untagged packet, and ROS don't reply because this packet not reach 1q port on ROS because does not have specified .1q tag.

This configuration changed in 5.x and 5.x released now (!!!WARNING!!! mikrotik support known: vlan-header option not work in 5.0rc11 and your switch become unreachable if you use switch chip vlan config. Released 5.0 not tested yet, and mikrotik support does not send any information about a fix to me. This means, may 5.0 released with this bug, or this bug fixed (but not discussed (thanks MT!)) and not listed in changelog !!!WARNING!!! )
 
User avatar
macgaiver
Forum Guru
Forum Guru
Posts: 1730
Joined: Wed May 18, 2005 5:57 pm
Location: Sol III, Sol system, Sector 001, Alpha Quadrant

Re: RouterBoard Documentation and Mikrotik

Fri Apr 01, 2011 8:09 am

Lets stop the QQ, can you give us example of configuration that you failed to do, so we can suggest something?

P.S. Feels like you expect from 60$ device same level of documentation/support/feature set as from 60 000$ device
With great knowledge comes great responsibility, because of ability to recognize id... incompetent people much faster.
 
Jeroen1000
Member Candidate
Member Candidate
Posts: 196
Joined: Fri Feb 18, 2011 2:05 pm

Re: RouterBoard Documentation and Mikrotik

Fri Apr 01, 2011 9:30 am

macgaiver, I'm not expecting that at all. It is (and probably was, judging from our testing) just not clear that certain setups can be accomplished. The questions are just to match the expected behaviour with the options' description.
The main issue at play here is that it is rather hard to get a straight answer from support in the likes of: no, that is not possible because [insert reason].

I am getting to know these devices for a reason, I actually like how they work in general.

Just to be clear, the issue appears to be that when you create a VLAN on an interface, the 'CPU-port' excpects tagged frames. So, my first guess was to add a VLAN-tag + header to a frame by enabling 'add-if-missing' for the port on which the VLAN was created.
Unfortunately, this does not work. We need to be able to enable this option on the CPU-port. Currently, this does not seem possible. And that is why you cannot create access ports (untagged ports) on the Mikrotik router itself*. Trunks (tagged ports) are no problem at all though.


Anyway, you are more than welcome to take a look at what I'm tryng to do (I don't know what exactly willy is trying). Please take a look here for a detailed thread of the setup.

* well you can, and they'll work too. You just can't get them to communicate with the router itself.



@willy. Thank you. What you kindly explained matches up with my experiences. VLAN-MODE is definitely ingress. It works together with the VLAN-table if you set the port to 'check' or 'secure'. VLAN-HEADER is most likely egress as far as I can tell.
But new-vlan-id not set vlan tag on packet only set a parameter on a fib table (this is very speculative sorry)
It certain does appear to be that way. As you say, which tag to add must be specified by using rules in the rule table.

I've ordered a Mikrotik switch to get around this problem now. It does appear to be the only way. I do hope this information is valuable to others who might be struggling:)
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Fri Apr 01, 2011 10:03 am

macgaiver:

Hmm?

I only want DOCUMENTATION. In this situation i cannot plan.
Mikrotik documentation on 2.7 ~700pages, good reference
2.9 same.
Now: some wiki pages with buggy information.
"Do it yourself."
I do my homework and now i use device with 4.17. But now released 5.0 and do it again.

I ask questions @Tue Mar 08, 2011 9:03 am (this topic) you don't answer.
Now you ask: what is my problem? if i don't ask this in this topic wiki documentation not extend at @mar 10 with essential information.
I only want documentation and know, what able with this device (from existing documentation: everything)

Please read @Thu Mar 31, 2011 8:45 am post from me. I want to answer our Jeroen1000 and many other people what is this device.
I'm not a mikrotik employee. This is a community support forum, not official support page.
I dont understand why ask this from me. I only want official reference documentation, what you not able to do, @mar 08 may you could help me, but not answer.

And the price:

60000$? netgear gs724t a 24port! managed switch for 270$ but only usable in rack.
60$? RB750G 85$
45$ RB250GS have documentation and works good and 8316 chip also.
RB750G will do same, or any other firm can make switch extension to devices based on this chip.
RB750G with docs and abilities in 250GS will be enough for everyone.

Please review the situation. Thanks.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24493
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: RouterBoard Documentation and Mikrotik

Fri Apr 01, 2011 2:36 pm

you mention 2.9 documentation. well, the current documentation has 2x more pages. maybe you are looking in the wrong place?
No answer to your question? How to write posts
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Fri Apr 01, 2011 4:00 pm

Normis, at 2.7 series the documentation cover near full capabilities of ROS. Now changes may not altered, new features configuration missing.
I would happy if you uncover your company future plans for devices (for example 750g because config changed in 5.0rcX and i questioning in support request but no answer, i have also support request regression of vlan-header option but also in "under fixing" state).
You say @MUM in Hungary: Bugs exits, because you don't send bugs to support. I send support request.
Also I wrote a post before, i promise if i get some information i will write a wiki post, but now i have only speculations how works the vlan in these devices. I don't want make document about my "speculations", but you see people needs docs about this.
I think work hard on this, but sometimes may listening to a helping sound makes the life easier.
Also useful if you make available a public bug tracking system.
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Sun Apr 03, 2011 10:21 pm

Everyone. After testing i will see ROS 5.0 (reported in 5.0rc11) still have switch chip vlan bug, if you use, do NOT upgrade.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24493
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: RouterBoard Documentation and Mikrotik

Mon Apr 04, 2011 10:55 am

Did you send any bug reports that were not fixed? tell me the ticket number and I can check status.

did you see any features not described in the wiki? specific ones please. tell me and I will check
No answer to your question? How to write posts
 
willy
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 64
Joined: Tue May 03, 2005 11:55 am

Re: RouterBoard Documentation and Mikrotik

Tue Apr 05, 2011 9:56 am

Normis, Thanks!
This topic is very noise and i post problems about switch chip here,
I have two not closed ticket related this topic:
One of a configuration aid, because documentation is very minimal. (please read my post above, where i make speculation how to work this, and see wiki docs, also please see doc where im clarify what is this device (450G/750G))
[Ticket#2011031766000239]

Another a specific bug. Exists in 5.0rc11 also and i submitted on mar 15. I have got response from support @mar 18. Bug confirmed, but you released 5.0 without fixing this.
[Ticket#2011031566000304]

I have 2 another (for example /system reset-configuration and ssh key recreation) but i would happy, if this problem solved and after i will write about another tickets.
 
LukasSVK
newbie
Posts: 40
Joined: Tue Dec 07, 2010 1:57 am
Location: Bratislava, Slovakia

Re: RouterBoard Documentation and Mikrotik

Sat Jul 16, 2011 4:16 am

Hello, are there any news about this problem? I have same problem, switch is pretty useless now for more complex scenario.
 
tronar
just joined
Posts: 4
Joined: Fri Aug 26, 2011 6:02 pm

Re: RouterBoard Documentation and Mikrotik

Sat Aug 27, 2011 3:17 am

I'm trying to use the switch inside a RB750gl with some related griefs.
I don't understand what the "independent learning" means in vlan definitions,
but I have spotted that switch MAC learning (as seen in dynamic hosts) are
all tagged as vlan id 2.

I'm new to Microtik, bought a couple of devices to get used to. A 250GS and a 750GL.
Would love to be able to use the 750GL as a switch with a router on a stick on the cpu port, to get fast switching + routing. With vlans, obviously.

-Carlos
 
tronar
just joined
Posts: 4
Joined: Fri Aug 26, 2011 6:02 pm

Re: RouterBoard Documentation and Mikrotik

Mon Aug 29, 2011 12:25 am

Ok, I think I got what is going on.
This is RouterOS 5.6 BTW.
When you add a port to be "switch controlled, master", and you put the
cpu port into "vlan able", then its traffic is associated with vlan 2.
I have been able to connect to the router port by creating a vlan 2 and enabling
whatever port it has to talk to into it. At least I do not loose management when
enabling vlans. As to router on a stick... I'll keep playing.

-Carlos

Who is online

Users browsing this forum: Google [Bot], Google Feedfetcher and 103 guests