MikroTik

According to https://wiki.mikrotik.com/wiki/Manual:S ... p_Features the Realtek switch chip used by RB1100AHx4 (and possibly also *future* RBs ) lacks a vlan table.
Does that result in no way of doing vlan filtering in hardware on these devices? The idea, that a lot of the cheap low-end devices ship with a better switch chip than a $300 rack mounted device, sounds quite strange, so please tell me that my assumption is wrong.

I cannot confirm/deny what is really going on with RB1100AHx4 but info from Realtek sounds promising: all variants of RTL8367 have 4k VLAN table.
Looking forward for someone with RB1100AHx4 to confirm if it is implemented or not.

I have a couple of RB1100AHx4 and I can confirm that vlan-mode and vlan-header are not supported (RouterOS 6.40.8 ).

My guess is that the chip supports a VLAN table but the first VLAN layer is used by RouterOS to provide the function of having several independent ports connected to the router. E.g. in RB1100AHx4 to use ports 11 12 and 13 independently to connect to different ISP or similar.
When you as a user want to use VLAN, the chip has to support nested VLAN and apparently it doesn't.

Why MikroTik is moving to those chips, while other products have e.g. the Atheros 8327 which does not have those limitations, I don't know.

I believe that this router has more than enough horsepower to do VLANs in hardware and still achieve high throughputs. But then again, it depends on what you want to do with it...

In software, you mean. Yes, certainly.

Thank you for the confirmation.
While I get that a router is expected to provide only limited switching features and has the necessary CPU power to perform certain things in software, I'm still confused by this decision. Why would I need 10+ ports on a router if it can't do proper vlan switching in hardware and it ends up doing nothing but a few vlan-trunks to a proper switch?

When you use it as a router it is quite useful to have a number of ports. Although 13 is a bit of an odd number.
You could have 1-3 ISP connections, a couple of wireless links, maybe 2-3 local networks that are physically separate.
I use a CCR1009 in two different locations setup like that (with 8 ports).

When you expect a router to be a combination of router/switch it indeed can be different. But then you often also encounter "problems" because in these routers (and others in the MikroTIk gamma) there often are different switch groups that you need to software-bridge together.

But if I'm forced to connect a "real" switch anyway I can get all the ports i need from the switch.
Want to connect three ISPs? Configure three ports on your switch on separate vlans and pass them through a "WAN" trunk to your router.
Want multiple local networks? Separate them on your switch and pass a "LAN" trunk to your router.
Need more bandwidth? Use bonding or 10 GbE, in case of RB1100AHx4 the CPU is limited to 2.5 Gbps per switch group anyway.
=> 2-3 ports in use, 10 "useless" ports remaining.

Yes, there are ways to use that many ports without switch features, but I don't think they are reasonable. I'd prefer either a router with fewer but possibly faster ports, or a CRS3xx like switch but with fast routing performance.

The function of separating different LANs via VLAN is already done by the hardware in this router.
You can program individual ports as individual networks or links and inside the router that mechanism is very likely used to get everything to the CPU chip.
When you want more ports linked together you can put them in a bridge with hw accel. That will be like a switch.
Only when you want a combination of trunk ports and untagged ports in the same VLAN you will have software handling.