Hello,
We are using Mikrotik OS ver. 2.9.7, and cannot seem to get vlan'd traffic to pass. We are plugging our mikrotik box in as a transparent bridge between 2 summit extreme switches using 802.1Q vlans, but traffic is not getting through. If we take the same mikrotik box and plug it in between an HP 2424 switch and a summit extreme switch without using 802.1Q vlans, the traffic passes fine. Can someone point me in the right direction here? We have run through the vlan suggestions we have found here in the forums, and so far it has been no-go.
Well, we have arround 15 VLANs only, and they are separately entered. Everything work this way. I never tryed to do this via bridge.
Anybody else on forum, have tryed this?
I believe that it is very painfulll to enter 1200 interfaces by hand...
But, if the only solution is to enter each VLAN, write a simple script which will telnet to the router, and do the job
We are using similar trick for some other purposes. We have 2 ISP`s and we measure the bandwidth usage at both ISPs. If the usage reaches 80%, the script is telneting to the router, and the ip pool that gives IP addresses to PPPoE customers changes to the second ISP
Very primitive load balancing, but works great
Anybody else on forum, have tryed this?
I believe that it is very painfulll to enter 1200 interfaces by hand...
But, if the only solution is to enter each VLAN, write a simple script which will telnet to the router, and do the job
We are using similar trick for some other purposes. We have 2 ISP`s and we measure the bandwidth usage at both ISPs. If the usage reaches 80%, the script is telneting to the router, and the ip pool that gives IP addresses to PPPoE customers changes to the second ISP
Very primitive load balancing, but works great
-
- BurstNET
any reason you can think of that simple queres will not work on the traffic in this configuration? network interfaces and the bridge show the traffic flowing over them, but the simple queres do not and seem to have no effect on controlling traffic. connection tracking does show the traffic breakdown, so it looks like the vlan traffic is readable. even just trying to put a rule on the interfaces themselves does not seem to function now. anything special need to be done to throttle bandwidth in this situation? do simple queres not work in this situation, and need to use mangle/parket-marking method instead? tried that as well, and did not seem to work either. had no problems prior with non-vlan'd type traffic.
This must be a bridge issue, I don`t see any other explanation.
We have VLANs, and just now, I made a test to be sure not to give you wrong type of help
I set up a new simple queue on VLAN interface, called ABC, Look at the following screenshot from my winbox:
http://jager.on.panonnet.net/!queue.gif
This interface without queue almost never have less than 2Mbit of traffic.
You can see in the middle of the traffic window for this interface how the traffic significaly lowered when I enabled the queue, (and my users was wondering what is going wrong with the Internet ) and raised again after turning the queue off.
I really hope this helps you, at least, we can be sure that Mtik know how to handle simle queues on VLANs.
!Wait, something comes onto my mind.... all my queues have priority 8.
I still did not made any QoS to favorize certain type of traffic. Do you have different queue priorities on you router? Maybe the solution lies there?
Crossing fingers
Jager
We have VLANs, and just now, I made a test to be sure not to give you wrong type of help
I set up a new simple queue on VLAN interface, called ABC, Look at the following screenshot from my winbox:
http://jager.on.panonnet.net/!queue.gif
This interface without queue almost never have less than 2Mbit of traffic.
You can see in the middle of the traffic window for this interface how the traffic significaly lowered when I enabled the queue, (and my users was wondering what is going wrong with the Internet
) and raised again after turning the queue off.I really hope this helps you, at least, we can be sure that Mtik know how to handle simle queues on VLANs.
!Wait, something comes onto my mind.... all my queues have priority 8.
I still did not made any QoS to favorize certain type of traffic. Do you have different queue priorities on you router? Maybe the solution lies there?
Crossing fingers
Jager
I am trying to do the same. I have setup a mgmt interface on eth1 and then setup eth2 and eth3 as a bridge. I have tried adding the VLAN's i want to put the queue on under the bridge interface. Do I need to add them to the ethernet interfaces instead?
What I am trying ot accomplish is to do some traffic shaping on some customers i have VLAN'd I only have about four right now connected via fiber optic to us, then i have the switch they are on setup with vlans, with our border router (a juniper not a mikrotik sorry) setup with subnets on the interface connected to the switch they are on, and vlans on each.
I put a mikrotik in between the border router and the switch now, with the eth2 and eth3 as a the interfaces bridging them. they pass traffic and the VLAN information between the juniper and the switch fine, now i would like to start shaping. What would be the best method?
Can I shape based on VLAN ID or since each is subnetted out, should i do it by thier network ID?
Also i am fairly new to mikrotik (but love it) so could someone provide me with some basic setup steps to implement thier recomendation as well.
Thanks in advance!
What I am trying ot accomplish is to do some traffic shaping on some customers i have VLAN'd I only have about four right now connected via fiber optic to us, then i have the switch they are on setup with vlans, with our border router (a juniper not a mikrotik sorry) setup with subnets on the interface connected to the switch they are on, and vlans on each.
I put a mikrotik in between the border router and the switch now, with the eth2 and eth3 as a the interfaces bridging them. they pass traffic and the VLAN information between the juniper and the switch fine, now i would like to start shaping. What would be the best method?
Can I shape based on VLAN ID or since each is subnetted out, should i do it by thier network ID?
Also i am fairly new to mikrotik (but love it) so could someone provide me with some basic setup steps to implement thier recomendation as well.
Thanks in advance!
You can setup a new simple queue to every VLAN interface, and shape the traffic as you wish. For example, like this:
142 name="VLAN Proxim 1" dst-address=0.0.0.0/0 interface=proxim1 parent=none direction=both priority=8
queue=default/default limit-at=0/0 max-limit=10000000/10000000 total-queue=default
Hope this helps.
142 name="VLAN Proxim 1" dst-address=0.0.0.0/0 interface=proxim1 parent=none direction=both priority=8
queue=default/default limit-at=0/0 max-limit=10000000/10000000 total-queue=default
Hope this helps.
thanks for the response, unfortunatley, it didnt work for me, i might have something configured improperly however.
Should i create a vlan interface to match. for example one of the VLAN's is VLAN 30 i tried to create it under the bridge interface, and eth2 and eth3 ... no luck
I was able to create a filter under bridge and it would match vlan30 packets, so i created a packet mark, however i still couldnt get the que to see the vlan 30 traffic even based on the packet mark.
since these are subnetted as well, should i be able to que based on a range of IP's .. for example if one of the customers has network 10.2.10.48/28 couldnt I match those addresses, and then que them?
I think I might be over complicating this...
any more suggestions would be greatly appreciated.
Should i create a vlan interface to match. for example one of the VLAN's is VLAN 30 i tried to create it under the bridge interface, and eth2 and eth3 ... no luck
I was able to create a filter under bridge and it would match vlan30 packets, so i created a packet mark, however i still couldnt get the que to see the vlan 30 traffic even based on the packet mark.
since these are subnetted as well, should i be able to que based on a range of IP's .. for example if one of the customers has network 10.2.10.48/28 couldnt I match those addresses, and then que them?
I think I might be over complicating this...
any more suggestions would be greatly appreciated.
I feel like i have tried everything.. I am beginning to pull my hair 
I tried to mark the VLAN traffic, and that does work fine. but when you try to limit it.. it doesnt seem to see it at all... odd.
so since i have each of the cusomters subnetted as well.. i tried to just setup the queue based on thier individual subnet, however that does not seem to work either.
can traffic shaping not be done over a bridge? Should I be using the bridge interface or the ethernet ones when i setup the filters?
so to restate my issue.. I have a Mikrotik 2.9.13 rotuerboard 532 device setup between my border router, and a switch which feeds out to about four customers tied in to us across fiber optics. Each customer is assigned either a /28 or /27 subnet. then each port on the switch is assigned a unique VLAN ID for each customer. our border router is setup with the gateway address for each subnet, and on this router each subnet is assigned to a subinterface with thier unique VLAN ID. confused? well here is a diagram. with ficticious IP's but the subnetting and VLAN ing is the same. i want to limit each customer to 3M up and 3M down MAX.
any help would be greatly appreciated!
I tried to mark the VLAN traffic, and that does work fine. but when you try to limit it.. it doesnt seem to see it at all... odd.
so since i have each of the cusomters subnetted as well.. i tried to just setup the queue based on thier individual subnet, however that does not seem to work either.
can traffic shaping not be done over a bridge? Should I be using the bridge interface or the ethernet ones when i setup the filters?
so to restate my issue.. I have a Mikrotik 2.9.13 rotuerboard 532 device setup between my border router, and a switch which feeds out to about four customers tied in to us across fiber optics. Each customer is assigned either a /28 or /27 subnet. then each port on the switch is assigned a unique VLAN ID for each customer. our border router is setup with the gateway address for each subnet, and on this router each subnet is assigned to a subinterface with thier unique VLAN ID. confused? well here is a diagram. with ficticious IP's but the subnetting and VLAN ing is the same. i want to limit each customer to 3M up and 3M down MAX.
any help would be greatly appreciated!
I think this is not going to work, as you do not have the VLANs defined on Mikrotik. Is is possible to do VLANs on Mtik, and not on Juniper? Only in that case you can assign one simple queue for every VLAN, and it will work OK.
I have several VLAN switches, and every AP, remote link have assigned a different VLAN ID. This interfaces are nicely visible and separated in Mikrotik. The are also "queueable" without problems.
At the end, you can rate limit the traffic based on source address... this should also work.
I have several VLAN switches, and every AP, remote link have assigned a different VLAN ID. This interfaces are nicely visible and separated in Mikrotik. The are also "queueable" without problems.
At the end, you can rate limit the traffic based on source address... this should also work.
So do you mean, turn the mikrotik from a bridge into a router, and then add the vlan at the interface facing the customers.
I have thought of doing this, the bridging was an easy solution with minimal downtime. and i thought this would be possible. I have tried defining the vlans on the bridge interface as well as each interface, and also with all interfaces. like i said, i have been able to mark the traffic, just doesnt seem to do anything on limiting it.
If it cannot be done on the bridge, I will try to remove the bridging and do routing and see how that works...
Thank you for your advice, If i misunderstood, just let me know...
I have thought of doing this, the bridging was an easy solution with minimal downtime. and i thought this would be possible. I have tried defining the vlans on the bridge interface as well as each interface, and also with all interfaces. like i said, i have been able to mark the traffic, just doesnt seem to do anything on limiting it.
If it cannot be done on the bridge, I will try to remove the bridging and do routing and see how that works...
Thank you for your advice, If i misunderstood, just let me know...
Yes, that`s correct, but that is only my opinion. I don`t say that I am 100% right, but as nobody has submited any better solution I suppose my opinion is correct.We have gotten bandwidth throttling working on a bridge.
So are we saying that this definately cannot be done on a bridge, and needs to be done via routing?
Agreed, i am willing to implement the other suggestion, but i had plans of using this in other areas in a similar way, so it would be great if someone had a workaround to make it work this way.
I do appreciate the above suggestion however, and am going to try it for now when i can schedule more down time to experiment on the customers routing.
Maybe this is an unknown bug? or just a fact of life...
I do appreciate the above suggestion however, and am going to try it for now when i can schedule more down time to experiment on the customers routing.
Maybe this is an unknown bug? or just a fact of life...
I really have no clue about why it behaves like this. Somebody who have better knowledge should have the answer, for sure. Normis? 