Community discussions

 
manojlovicl
newbie
Topic Author
Posts: 25
Joined: Mon Aug 18, 2014 11:48 pm

Cloud core switch - example

Wed Mar 25, 2015 11:57 pm

Hi! Can someone please help me out with an example of vlan config?

I would like to make souch setup:

Port 24 - untagged vlan 1 + tagged vlan 10 + tagged vlan 11 + tagged vlan 12
Port 1 - untagged vlan 10
Port 2 - untagged vlan 11
Port 3 - untagged vlan 12
Port 4 - untagged vlan 1

I have configured
Switch / VLAN

VLAN tab:
vlan id 1 - port 4 and port 24 svl no, sa learning yes, flood no, ingress miror no
vlan id 10 - port 1 and port 24, svl no, sa learning yes, flood no, ingress miror no
vlan id 11 - port 2 and port 24, svl no, sa learning yes, flood no, ingress miror no
vlan id 12 - port 3 and port 24, svl no, sa learning yes, flood no, ingress miror no

VLAN tagging tab:
vlan id 10 tagged 24
vlan id 11 tagged 24
vlan id 12 tagged 24

In. VLAN Tran. tab:
Port 1 service vlan lookup for: untagged or tagged, customer vlan lookup for: untagged or tagged, customer vid 0, new customer vid 10
Port 2 service vlan lookup for: untagged or tagged, customer vlan lookup for: untagged or tagged, customer vid 0, new customer vid 11
Port 3 service vlan lookup for: untagged or tagged, customer vlan lookup for: untagged or tagged, customer vid 0, new customer vid 12

I did not modify anything else. Is this setup correct? Do I need to setup something else?

Thank you very much,
Luka Manojlovic
 
lz1dsb
Member Candidate
Member Candidate
Posts: 222
Joined: Wed Aug 07, 2013 11:48 am

Re: Cloud core switch - example

Thu Mar 26, 2015 2:05 pm

Looks good.
Do you have a command output? I find it easier to have configuration excerpt...
Here and example for the CRS configuration:
http://wiki.mikrotik.com/wiki/Manual:CRS_examples#VLAN
 
manojlovicl
newbie
Topic Author
Posts: 25
Joined: Mon Aug 18, 2014 11:48 pm

Re: Cloud core switch - example

Thu Mar 26, 2015 2:11 pm

Hi!

The example is not the same - in this example you have 3 tagged vlans going into - and no default untagged vlan (like in my example - vlan 1).

I would like to know how can I be 100% shure that everything is isolated completely - for example I would like to force Access ports to be only for untagged traffic - strictly. Can I somehow configure that?

The problem is that I have doubts that something is not working correctly - I have UBNT antennas on MikroTik router - and we are experiencing problems on radio part - the quality drops - so I am worried if there is something coming through additionly to vlan traffic that should - maybe some broadcast / arp stuff from other vlans (or maybe only from untagged vlan 1?)... Is it possible and how is it possible to strictly force port to be in "untagged" mode only + strictly force to have only particular vlan on the port...
 
lz1dsb
Member Candidate
Member Candidate
Posts: 222
Joined: Wed Aug 07, 2013 11:48 am

Re: Cloud core switch - example

Thu Mar 26, 2015 2:19 pm

Hi!

The example is not the same - in this example you have 3 tagged vlans going into - and no default untagged vlan (like in my example - vlan 1).

I would like to know how can I be 100% shure that everything is isolated completely - for example I would like to force Access ports to be only for untagged traffic - strictly. Can I somehow configure that?

The problem is that I have doubts that something is not working correctly - I have UBNT antennas on MikroTik router - and we are experiencing problems on radio part - the quality drops - so I am worried if there is something coming through additionly to vlan traffic that should - maybe some broadcast / arp stuff from other vlans (or maybe only from untagged vlan 1?)... Is it possible and how is it possible to strictly force port to be in "untagged" mode only + strictly force to have only particular vlan on the port...
Correct, it's just an example :)
In your case you have VLAN 1 which is not tagged even on the trunk port 24.
I would like to know how can I be 100% shure that everything is isolated completely - for example I would like to force Access ports to be only for untagged traffic - strictly. - What do you mean by that? Do you mean that if a tagged frame is received, the switch port should drop it?

Looking at your setup, VLAN 1 is untagged and associated with all of your ports, so yes, anything that's on VLAN 1 should get replicated on all ports.

Is it possible and how is it possible to strictly force port to be in "untagged" mode only + strictly force to have only particular vlan on the port. - According to my understanding, when you associate an access port to a particular VLAN, it's member of that VLAN only, so any other traffic should not be allowes, though I'm not 100% sure about it.

Is it possible to make a sniff on the port that interests you? This is how can now for sure what is happening.


Boyan
 
manojlovicl
newbie
Topic Author
Posts: 25
Joined: Mon Aug 18, 2014 11:48 pm

Re: Cloud core switch - example

Thu Mar 26, 2015 2:22 pm

Ok - how can I restrict vlan 1 not to be on all ports - but only on port 24 (untagged + other tagged vlans) and only on port 4 not on other 3 ports?

Did not I do that with VLAN tab - if you check my config?

Who is online

Users browsing this forum: MSN [Bot], vodokotlic and 64 guests