[delete]

TestyTerminal · Wed May 22, 2024 3:03 am

[delete]

anav · Wed May 22, 2024 3:49 am

Let me try to understand your logic.

1. You bought a switch.
2. You configured as a router
3. You are confused because the throughput is at it states for routing.

Try actually using it as a switch instead. No DHCP
Trunk on ether1 carrying all data vlans and management vlan, access port out to dumb devices, trunk port to other smart devices.

only vlan that needs to be identified with interface the bridge is the managment vlan.
CRS310 gets an IP on the management subnet.

https://www.youtube.com/watch?v=YLtGQAQ8iS0&t=460s

tdw · Wed May 22, 2024 3:52 am

CRS devices are primarily ethernet / layer2 switches with some IP / layer3 functionality, i.e. limited performance as the CPU is not particularly capable. RouterOS v7 introduced L3 hardware offloading, however the DX2000 in the CRS310-8G+2S+ only supports routing offload, not fasttrack and NAT connections.

Use the CRS as a switch, if the TP-Link (or replacement) allows you to disable DHCP you could configure the CRS to also provide DHCP, DNS, etc. and just use the router to provide NAT / firewall / port forwarding.

TestyTerminal · Wed May 22, 2024 4:18 am

CRS devices are primarily ethernet / layer2 switches with some IP / layer3 functionality, i.e. limited performance as the CPU is not particularly capable. RouterOS v7 introduced L3 hardware offloading, however the DX2000 in the CRS310-8G+2S+ only supports routing offload, not fasttrack and NAT connections.

Use the CRS as a switch, if the TP-Link (or replacement) allows you to disable DHCP you could configure the CRS to also provide DHCP, DNS, etc. and just use the router to provide NAT / firewall / port forwarding.

Thanks. Due to my lack of knowledge it's not clear to me how the TP Link Wifi router (that connects to the cable modem) would communicate with the CRS310 if the TP Link has disabled DHCP. Can you clarify this conceptually or point to any guides? If I disable the DHCP Server on the TP Link (which I can see the option to do) I should instead pull an IP # for the TP Link off the CRS 310 instead? This in turn will run at full internet speed but minimal CPU for the scenario I originally described? Sorry if this seems stupid.

TestyTerminal · Wed May 22, 2024 4:47 am

Let me try to understand your logic.

1. You bought a switch.
2. You configured as a router
3. You are confused because the throughput is at it states for routing.

Try actually using it as a switch instead. No DHCP
Trunk on ether1 carrying all data vlans and management vlan, access port out to dumb devices, trunk port to other smart devices.

only vlan that needs to be identified with interface the bridge is the managment vlan.
CRS310 gets an IP on the management subnet.

https://www.youtube.com/watch?v=YLtGQAQ8iS0&t=460s

I am essentially looking for instructions that will make the CRS310 operate as an unmanaged switch as much as possible as a starting point before I wade into trunk ports and vlans, etc. I want to be able to do a basic set up that plugs my the CRS310 into the TP Link router and have the CRS work at full speed on the internet at low CPU use. Is that possible?

gabacho4 · Wed May 22, 2024 6:06 am

If you reset it does it not come with a default config? That should set it to function out of the box solely as a switch. There might be a few tweaks required but they should be minimal.

gigabyte091 · Wed May 22, 2024 8:38 am

Are you sure ? Because my CRS by default works like a router. To set it up as a switch I started by resetting configuration and not applying default one.

Instead just create bridge, add all ports to it, assing dhcp client to the bridge and that should be it.

Not a bad idea to leave one port off the bridge for mgmt.

rplant · Wed May 22, 2024 9:11 am

Example basic setup, my thoughts

NOTE: ** I have no experience with CRS so consider with care **

                     
                     
                     vlan2       +  192.168.2.1  -- Other Devices on vlan2
                                 |
TPLink 192.168.1.1 - vlanbase - CRS 192.168.1.2  -- Other Devices on vlanbase
                                 |
                     vlan3       +  192.168.3.1  -- Other Devices on vlan3


TPLink (or other suitably powerful router) does all NAT and Firewalling
apart from non stateful Intervlan routing/blocking (ACLS) handled by CRS
(at wirespeed)

TPLink has static routes installed for:
   192.168.2.1 via 192.168.1.2
   192.168.3.1 via 192.168.1.2

TPLink may not be able to port forward to anything except 192.168.1.x though :(
But it will/should handle return traffic ok.

On CRS
L3 hardware offload enabled on all vlans.
Route 0.0.0.0/0 via 192.168.1.1


vlanbase
  DHCP default gw = 192.168.1.2
  Likely need CRS to be DHCP server, (Makes it more consistent anyway)
  TPLink might allow setting another device as default gw, but unlikely.

  Traffic from devices on vlanbase destined for internet will go via
    Device->CRS->TPLink->Internet
  return traffic will go 
    Internet->TPLink->Device (Asymmetric)
  Hopefully this will be fine (as hardware L3 routing will be stateless)

vlan2 default gw=192.168.2.1
  CRS is dhcp server

vlan3 default gw=192.168.3.1
  CRS is dhcp server

Use ACL's on CRS to block intervlan traffic as required.

One Ref:
https://help.mikrotik.com/docs/display/ROS/L3+Hardware+Offloading

Wed May 22, 2024 12:14 pm

Are you sure ? Because my CRS by default works like a router.

Are you sure?

Become sure by saying "/system/default-configuration/print without-paging" and then stripping away all the conditional logic, unrolling the "for" loops, etc.

When I do that here on my CRS328 running 7.15rc3, it distills to this:

/interface bridge
add name=bridge protocol-mode=rstp \
auto-mac=no admin-mac=… comment=defconf
/interface bridge port
add bridge=bridge interface=ether1 comment=defconf
…repeat for all interfaces…
/ip address add address=192.168.88.1/24 interface=bridge comment="defconf"
/user set admin password=…
/user expire-password admin

Very much a switch configuration, not a router config.

gigabyte091 · Wed May 22, 2024 12:23 pm

I checked, yea I'm wrong

sorry

TestyTerminal · Wed May 22, 2024 7:36 pm

The default configuration of the CRS and nor selecting Bridge or Router in Quick Set automatically lead to a working device when connected as I've described.

Anyone with this model or similar who knows how to get it to work a switch-only and as close to an unmanaged switched and can share their setup, that'd be appreciated. It's again connected to a port off a TP Link Wifi router and is assigned by the TP Link a static IP (192.168.0.151) that maps to the MAC of the eth1 on the CRS. That's my starting point for reference.

anav · Wed May 22, 2024 8:21 pm

Hold your horses, time for you to put forth some effort! The video link I provided shows you how starting at minute 8:00 for the CRS device.
Its the simplest variation. At the /interface bridge port settings, ensure you check ingress filtering and frame types as appropriate.

TestyTerminal · Wed May 22, 2024 9:19 pm

Hold your horses, time for you to put forth some effort! The video link I provided shows you how starting at minute 8:00 for the CRS device.
Its the simplest variation. At the /interface bridge port settings, ensure you check ingress filtering and frame types as appropriate.

If setting up multiple tagged and untagged ports on several different vlans and all on multiple IP subnets (e.g, "Mgmt, IT, Marketing") is all required to get a CRS to work like an unmanaged switch (with 1 default lan) this isn't going to work for me. I may have the patience to wade through this subject someday but not in the near term.

There should be a simple process to get a CRS to function similar a dumb switch in under 3(?) steps as a basic operating starting point. What, discretely, are those steps?

anav · Wed May 22, 2024 9:29 pm

Suggest return the CRS and buy a netgear unmanaged switch, save yourself much time now and in the future. MT is not for you.

gigabyte091 · Wed May 22, 2024 9:34 pm

Well, you don't need to setup VLANs if you are not using them. By default VLAN filtering is off so switch can't be dumber than that.

Only thing i would change is to remove one port off the bridge, then in IP/Addresses change interface on address 192.168.88.1 from bridge to for eg ether8 so you have off bridge mgmt port in case you decide to use more functions and screw something up.

And create dhcp client on the bridge so device get IP address automatically when plugged into router.

Then you will have "dumb" switch. But it's a shame to use such device as plain dumb switch...

gabacho4 · Wed May 22, 2024 9:45 pm

There should be a simple process to get a CRS to function similar a dumb switch in under 3(?) steps as a basic operating starting point. What, discretely, are those steps?

I gotta stop taking crazy pills. I swear I thought he said he bought a managed switch at a premium price in order to use it as a $30 unmanaged TP-link.

anav · Wed May 22, 2024 10:54 pm

Ur killin me gazpacho

TestyTerminal · Thu May 23, 2024 12:58 am

Well, you don't need to setup VLANs if you are not using them. By default VLAN filtering is off so switch can't be dumber than that.

Only thing i would change is to remove one port off the bridge, then in IP/Addresses change interface on address 192.168.88.1 from bridge to for eg ether8 so you have off bridge mgmt port in case you decide to use more functions and screw something up.

And create dhcp client on the bridge so device get IP address automatically when plugged into router.

Then you will have "dumb" switch. But it's a shame to use such device as plain dumb switch...

As I noted I am just attempting to get a starting configuration to actually work as a proper switch (not router) as the Quick Set options aren't creating an immediately functioning device . Once stuff works at the most basic level then I'll learn more, with anticipated interest, I'll start tinkering more and learn more complex set ups. I hope I'm in the right place- "Beginner Basics" forum- as this is indeed from where I am starting as everyone else did one day but this forum seems more a place for experts to berate beginners instead of helping the Mikrotik brand.

gabacho4 · Thu May 23, 2024 1:22 am

Bro people have tried to help you. You're the one who has declared it to be too complicated to worry about and that such difficulty isn't something you have time for and it's not going to work for you. SO.....???? As a word of advice, acting like you have better things to do than learn and make an attempt (or many attempts) doesn't make anyone want to help you nor will you have success getting most of us to just do the work for you. Our networks are running just fine. Yours is not. I refuse to want it more than you do.

Can you please connect to the switch and run

system/default-configuration/print

in a terminal window and provide the output in your response? In general, most of us avoid Quick Set like the plague.

EDIT: if any other readers have the same model of switch and can run the default config command, please provide output? Just trying to understand how this switch comes out of the box with no changes as I don't have one.

jaclaz · Thu May 23, 2024 1:44 am

Check the post by tangent, he "distilled" the basic settings of an unmanaged switch (but with an IP address added to the bridge, useful for configuration).
A switch, check the post by tdw, is a L2 device, an unmanaged switch does not have an IP because it doesn't need to be configured.
If you want to start with a (sort of) unmanaged switch, you only need the settings in tangent's post.
Personally I would leave for the moment the two SFP ports alone and keep one ethernet port (ether8) out of the bridge, giving It the usual 192.168.88.1 address for (future) management.
Using Winbox you don't really need an IP, as you can use the MAC connection on the bridge, but It Is always a good idea to have a dedicated management port with a fixed static IP.
Then have a bridge with ether 1-7 added to it.
That's it, you should have a 7 Port unmanaged switch.

gabacho4 · Thu May 23, 2024 2:17 am

I guess homeboy has no more intentions to work on this. He's been bitching about the switch since February with very familiar results and claims of disappointment that the switch doesn't work as expected. Meh.....D-link it is I guess.

gigabyte091 · Thu May 23, 2024 8:41 am

OP here is more one click wizard Ubiquiti or TP-Link style of user.

infabo · Thu May 23, 2024 8:44 am

CRS310 can be operated with SwitchOS as well. I guess this would have been the easiest solution for OP.

Thu May 23, 2024 9:58 am

Thread locked since OP has decided to clean the first post.
So much for being transparent ...

[delete]

[delete]

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: CRS310-8G+S2 reality check on CPU use when using internet traffic

Re: [delete]

Re: [delete]

Re: [delete]

Re: [delete]

Who is online