Community discussions

MikroTik App
 
PackElend
Member Candidate
Member Candidate
Topic Author
Posts: 268
Joined: Tue Sep 29, 2020 6:05 pm

when to use the bridge interface in Firewall, Queue, etc.? (bridge vs VLAN interface)

Sat May 27, 2023 6:59 pm

Hello,
how the bridge interface behaves is well said in viewtopic.php?p=1004571#p902366
  • If the CPU-Port is set untagged, this is the only way to communicate with the Bridge Interface (itself) and services "behind", like DHCP, NTP... In this state "bridge1" is CPU-Port and Interface.
  • If the CPU-Port is set tagged, you will need a dedicated VLAN-Interface - bound to the bridge. But you won't be able to connect to the Bridge Interface itself! Services behind are reached through this dedicated VLAN-Interface via the CPU-Port (called "bridge1", but this refers to the CPU-Port only - not to the Bridge as a dedicated Interface).
.
but where to use the Bridge Interface?
Can I use it somewhere else, e.g. Firewall, Queue, etc. to e.g. simplify things like instead listing all VLAN interfaces or their IP Ranges, I select the bridge which includes all underlying elements.
Last edited by PackElend on Sat May 27, 2023 8:11 pm, edited 1 time in total.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3169
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: when to use the bridge interface in Firewall, Queue, etc.?

Sat May 27, 2023 7:30 pm

Bridge as an interface in firewall refers only to the untagged traffic for the bridge interface (typically VLAN 1, but what ever PVID/vlan-id= is set on the bridge interface itself). It is NOT the collection of tagged VLANs on the bridge.

For queues, same should be generally true, but that more complex.

If you set the bridge to accept only tagged packets and use unused vlan-id= on the bridge interface (e.g. one that is NOT an /interface/vlan)...you can avoid thinking too much about the bridge interface mysteries.
 
PackElend
Member Candidate
Member Candidate
Topic Author
Posts: 268
Joined: Tue Sep 29, 2020 6:05 pm

Re: when to use the bridge interface in Firewall, Queue, etc.?

Sat May 27, 2023 8:01 pm

Thx for sharing, got it

my bridge is tagged, so I won't think that much about it anymore 😁

Who is online

Users browsing this forum: No registered users and 45 guests