Community discussions

MikroTik App
 
janje
just joined
Topic Author
Posts: 1
Joined: Mon May 29, 2023 10:21 pm

CRS328 vlan configuration

Mon May 29, 2023 10:57 pm

Hi,
I'm new on forum, but have some basic experience with mikrotik products. I spend already lot of time studying vlan configuration on CRS3XX series. Currently I'm trying to configure CRS328 as switch according to wiki: https://wiki.mikrotik.com/wiki/Manual:B ... _switching

My setup is little bit more complex with more vlans, some trunk ports and some hybrid ports. I can share my configuration if necessary. Overall my configuration seems to work fine with one exception and that is the bridge1 connection.

I'm following CRS3xx series approach and running ROS v7.9. Can you give me some sanity check? I assume, that following the wiki configuration I should be able to ping the router above my CRS328 switch from bridge1 interface, is my assumption correct? I would not test that normally, but I'm unable to establish NTP client connection from switch itself to the public NTP server. When I try to ping the router from the switch without specifying interface it works, when I try to ping it from MGMT vlan it works as well. Same goes for the ip address of NTP server. Ping from bridge1 timeouts all the time, and i guess that is why NTP client does not connect.

So my main question is whether the example configuration from wiki should allow NTP client connection to work? If so I will share my configuration, if not how to modify the example to allow this?

Thank You!
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: CRS328 vlan configuration

Mon Jun 05, 2023 8:43 am

I can share my configuration if necessary.
The actual configuration is indeed necessary. The manual page you have linked says nothing about how IP addresses are linked to the bridge interface itself and to the VLANs.

I'm unable to establish NTP client connection from switch itself to the public NTP server. When I try to ping the router from the switch without specifying interface it works, when I try to ping it from MGMT vlan it works as well. Same goes for the ip address of NTP server. Ping from bridge1 timeouts all the time, and i guess that is why NTP client does not connect.
The NTP client acts as any other client process, i.e. when sending a request packet, it determines the source interface and source address by the result of looking up a route to the destination address. So if ping to the NTP server address works without forcing a source address and/or interface manually, so should the NTP. But the source address & interface chosen may not be the ones you expect.

So maybe the firewall on the router prevents the NTP requests or responses from reaching their destination because the address at the switch side is different from what it expects, or maybe no IP address is assigned to bridge1 at all, or maybe there is one but no route to that address exists on the router?

Who is online

Users browsing this forum: bp0, miks, rplant, Victoravv and 76 guests