Community discussions

MikroTik App
 
ourplan
newbie
Topic Author
Posts: 28
Joined: Mon Oct 23, 2017 10:42 am

Crs bridge vlan problem

Sat Jun 03, 2023 6:03 pm

Hello.

I meet the internet with Vlan on crs switch. Under this vlan, I have AP devices on switch ports through other vlans. CPU increases when vlan is added to Brigde. I need to edit this with vlan filtering but I couldn't.
As an example, I am posting the CCR device setting that sends VLAN below.

-CCR-
/interface vlan
add interface=sfp-sfpplus1 name=VLan-10 vlan-id=10
add interface=VLan-10 name=AP1 vlan-id=20
add interface=VLan-10 name=AP2 vlan-id=21
-SWITCH-
/interface vlan
add interface=sfp-sfpplus1 name=vlan1 vlan-id=10
/interface bridge add 
name=bridge1
/interface bridge port 
add bridge=bridge1 interface=vlan1
add bridge=bridge1 interface=ether1
add bridge=bridge1 interface=ether2
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Crs bridge vlan problem

Sat Jun 03, 2023 6:20 pm

You should configure CRS device as a switch with single bridge and all VLAN manipulation done on it. This way switch will delegate VLAN tagging (etc.) to hardware rather doing it in software.

Read this article to get idea about how it should be done: viewtopic.php?t=143620
 
ourplan
newbie
Topic Author
Posts: 28
Joined: Mon Oct 23, 2017 10:42 am

Re: Crs bridge vlan problem

Sat Jun 03, 2023 11:42 pm

You should configure CRS device as a switch with single bridge and all VLAN manipulation done on it. This way switch will delegate VLAN tagging (etc.) to hardware rather doing it in software.

Read this article to get idea about how it should be done: viewtopic.php?t=143620
Thank you for your answer, but unfortunately I did not get any results even though I applied what was communicated.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Crs bridge vlan problem

Sun Jun 04, 2023 12:11 am

You probably need something like this on CRS instead of the part you posted above:
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface bridge port 
add bridge=bridge1 interface=sfp-sfpplus1 frame-types=admit-only-vlan-tagged
add bridge=bridge1 interface=ether1 pvid=10 frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether2 pvid=10 frame-types=admit-only-untagged-and-priority-tagged
/interface bridge vlan
add bridfe=bridge1 vlan-id=10 tagged=sfp-sfpplus1 untagged=ether1,ether2

The "untagged" part of bridge vlan config is optional, port gets added as untagged member of appropriate VLAN when pvid is set.

Be aware that only single bridge can be offloaded to hardware ...
 
ourplan
newbie
Topic Author
Posts: 28
Joined: Mon Oct 23, 2017 10:42 am

Re: Crs bridge vlan problem

Sun Jun 04, 2023 9:35 pm

You probably need something like this on CRS instead of the part you posted above:
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface bridge port 
add bridge=bridge1 interface=sfp-sfpplus1 frame-types=admit-only-vlan-tagged
add bridge=bridge1 interface=ether1 pvid=10 frame-types=admit-only-untagged-and-priority-tagged
add bridge=bridge1 interface=ether2 pvid=10 frame-types=admit-only-untagged-and-priority-tagged
/interface bridge vlan
add bridfe=bridge1 vlan-id=10 tagged=sfp-sfpplus1 untagged=ether1,ether2

The "untagged" part of bridge vlan config is optional, port gets added as untagged member of appropriate VLAN when pvid is set.

Be aware that only single bridge can be offloaded to hardware ...
I applied the system you forwarded and I did not understand why, but I lost access with the switch. I'm making a mistake somewhere, but I don't quite understand. I can communicate between switch and ccr, but no pppoe connections defined under the vlan.
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11381
Joined: Thu Mar 03, 2016 10:23 pm

Re: Crs bridge vlan problem

Sun Jun 04, 2023 10:24 pm

Well, the "something like this" example in my previous post was not complete config obviously ... as you did not "paint" the full picture here. One thing, whuch is probably breaking your setup: the whole management stuff. There has to be the path between management (V)LAN and device's CPU. For different bridge personalities check this thread. The "switch facing interface of router" gas to be made member of management VLAN, appropriate vlan interface has to be created and corresponding IP setup has to be applied.

Who is online

Users browsing this forum: almdandi, baragoon, Bing [Bot], Google [Bot], GoogleOther [Bot], johnson73, loloski and 86 guests