Community discussions

MikroTik App
 
darthgizm0
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Sat Dec 17, 2022 5:27 am
Location: USA

Followed user article but VLANs not working

Wed Jun 07, 2023 4:11 pm

Hello,

I have a hEX, CSS610-8G, and CSS610-8P on my network and I am attempting to get VLANs setup. I followed the instructions in this thread but my two systems are not receiving an IP from the DHCP server on the hEX.

My config is below.
# jun/07/2023 08:55:21 by RouterOS 6.48.6
# software id = KHHU-L60U
#
# model = RB750Gr3

/interface bridge
add admin-mac=DC:2C:6E:7B:1D:1B auto-mac=no comment=defconf fast-forward=no \
    name=Bridge-LAN
add name=Bridge-VLANs protocol-mode=none pvid=2 vlan-filtering=yes

/interface ethernet
set [ find default-name=ether1 ] disabled=yes
set [ find default-name=ether2 ] disabled=yes
set [ find default-name=ether4 ] comment=LAN
set [ find default-name=ether5 ] comment="WAN"

/interface vlan
add interface=Bridge-VLANs name=vlan5 vlan-id=5

/interface list
add comment=defconf name=WAN
add comment=defconf name=LAN

/ip pool
add name=Bridge ranges=172.16.1.100-172.16.1.150
add name="VLAN 5 Pool" ranges=172.16.5.2-172.16.5.5

/ip dhcp-server
add address-pool=Bridge disabled=no interface=Bridge-LAN lease-time=4h name=\
    "Bridge DHCP"
add address-pool="VLAN 5 Pool" disabled=no interface=vlan5 name="VLAN 5 DHCP"

/interface bridge port
add bridge=Bridge-LAN interface=ether4
add bridge=Bridge-VLANs frame-types=admit-only-vlan-tagged ingress-filtering=\
    yes interface=ether3
/ip neighbor discovery-settings
set discover-interface-list=LAN protocol=""
/interface bridge vlan
add bridge=Bridge-VLANs tagged=Bridge-VLANs,ether3 vlan-ids=5
/interface ethernet switch vlan
add independent-learning=no ports=ether3 switch=switch1 vlan-id=5
/interface l2tp-server server
set use-ipsec=required
/interface list member
add comment=defconf interface=Bridge-LAN list=LAN
add interface=ether5 list=WAN
/ip address
add address=172.16.1.1/24 comment="vlan 1 - Trusted" interface=Bridge-LAN \
    network=172.16.1.0
add address=172.16.5.1/24 comment="vlan 5" interface=vlan5 network=172.16.5.0
/ip cloud
set ddns-enabled=yes ddns-update-interval=1h update-time=no
/ip dhcp-client
add default-route-distance=5 disabled=no interface=ether5 use-peer-dns=no
/ip dhcp-server network
add address=172.16.1.0/24 comment="Bridge-LAN DHCP Settings" dns-server=\
    172.16.1.1 domain=domain.local gateway=172.16.1.1 netmask=24
add address=172.16.5.0/24 dns-server=172.16.5.1 domain=domain.testing gateway=\
    172.16.5.1
/ip dns
set allow-remote-requests=yes cache-max-ttl=1h servers=\
    208.67.222.222,208.67.220.220
/ip firewall nat
add action=passthrough chain=unused-hs-chain comment=\
    "place hotspot rules here" disabled=yes
add action=masquerade chain=srcnat comment="Default MASQ" out-interface=\
    ether5
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www address=172.16.1.0/24
set ssh address=172.16.1.0/24
set api disabled=yes
set winbox address=172.16.1.0/24
set api-ssl disabled=yes
/ip ssh
set strong-crypto=yes
/system clock
set time-zone-name=America/New_York
/system identity
set name=router
/system ntp client
set enabled=yes server-dns-names=0.us.pool.ntp.org,1.us.pool.ntp.org
/tool bandwidth-server
set enabled=no
/tool graphing interface
add interface=Bridge-LAN
add interface=ether3
/tool graphing resource
add store-on-disk=no
/tool mac-server
set allowed-interface-list=none
/tool mac-server mac-winbox
set allowed-interface-list=none
/tool mac-server ping
set enabled=no
/tool sniffer
set filter-interface=Bridge-LAN filter-ip-address=4.2.2.2/32
/tool traffic-monitor
add interface=ether1 name=WAN traffic=received
 
erlinden
Forum Guru
Forum Guru
Posts: 1926
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 4:26 pm

Before reading any further...you have two bridges, hence you didn't follow the topic referred to.
Change it to a single bridge!
 
holvoetn
Forum Guru
Forum Guru
Posts: 5422
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 4:33 pm

Since you are using 2 bridges and use the switch settings, I highly doubt you followed that article ?

Start with router config as base (post #2 of that article).
1 bridge.
See if you can get that working.
Then add the other stuff you need.
 
darthgizm0
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Sat Dec 17, 2022 5:27 am
Location: USA

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 4:39 pm

I have two bridges because I have my working home network on one bridge on ether4 which connects to a port on the CSS610-8P configured as PVID 1 and my testing bridge with the VLANs on ether3 that connects to another port on the CSS610-8P with PVID 2 and tagged VLAN 5 on the VLANs section of SwitchOS. Sorry for the confusion. I did try using the VLAN section under the switch section to see if that would help since the article didn't give the expected result.

I'll remove the vlan from the switch section, test again, and post config.
 
holvoetn
Forum Guru
Forum Guru
Posts: 5422
Joined: Tue Apr 13, 2021 2:14 am
Location: Belgium

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 4:45 pm

1 bridge is all it takes ...
 
darthgizm0
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Sat Dec 17, 2022 5:27 am
Location: USA

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 5:16 pm

I don't want to affect the people at home while I troubleshoot VLAN configuration so that is why I am using a separate bridge. Once I confirm the VLAN configuration is working I will replicate the configuration to the primary bridge and delete the test bridge.

Is it an issue to have a separate bridge for this testing process?
 
erlinden
Forum Guru
Forum Guru
Posts: 1926
Joined: Wed Jun 12, 2013 1:59 pm
Location: Netherlands

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 5:37 pm

Changing configs can always cause interruptions...do you have a spare part laying around that you can use for testing?
Or a spare window of time to build it from scratch?
 
darthgizm0
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 56
Joined: Sat Dec 17, 2022 5:27 am
Location: USA

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 5:44 pm

I do have a hAP ac lite that I can test with and won't affect the main network.
 
User avatar
Amm0
Forum Guru
Forum Guru
Posts: 3317
Joined: Sun May 01, 2016 7:12 pm
Location: California

Re: Followed user article but VLANs not working

Wed Jun 07, 2023 5:51 pm

I do have a hAP ac lite that I can test with and won't affect the main network.
That sounds good idea — let you safely play with how the Bridge VLAN filtering works. Basically @pcunite's guide really assumes your starting fresh, and one config line kinda depends on another... So trying to adapt it a 2nd bridge just gets confusing, and still risky you'd break something to test ;)

If you posted some diagram of your desired network topology, you'd likely get a lot of good advice on to achieve it.

Who is online

Users browsing this forum: Amazon [Bot], haseebpgc, Shambler and 57 guests