Community discussions

MikroTik App
 
tikker
newbie
Topic Author
Posts: 43
Joined: Tue Nov 19, 2019 11:40 pm

VLANs: setting it all up from the ground

Sun Jan 23, 2022 3:08 pm

Hi again,

I'd like to use this post to get a better understanding with hands-on work to set up my future LAN environment using VLANs.

So far this is all testing and my setup is:

- a RB5009 which shall act as the primary router
- a hAPac2 which shall act as a switch and provide its radios to the Capsman on the router
- an ordinary switch that connects both devices and my PC using static addresses, so that I hopefully do not lock myself out.

Router and hap are both on ROS 7.2rc1.

I'd like to start with the router:

I have three VLANs (31, 32, 33).

Ether 1 is statically configured (for local testing maintenance)
Ether 2 shall be the trunk port to the hap (not connected, yet)
Ether 3 shall be an access port for VLAN 31
Ether 4 shall be an access port for VLAN 32
Ether 5 shall be an access port for VLAN 33

My config so far looks like this:
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface vlan
add interface=bridge1 name=vlan_31 vlan-id=31
add interface=bridge1 name=vlan_32 vlan-id=32
add interface=bridge1 name=vlan_33 vlan-id=33
/interface bridge port
add bridge=bridge1 interface=ether2 pvid=31
add bridge=bridge1 interface=ether3 pvid=31
add bridge=bridge1 interface=ether4 pvid=32
add bridge=bridge1 interface=ether5 pvid=33
/interface bridge vlan
add bridge=bridge1 tagged=bridge1,ether2 untagged=vlan_31 vlan-ids=31
add bridge=bridge1 tagged=bridge1,ether2 untagged=vlan_32 vlan-ids=32
add bridge=bridge1 tagged=bridge1,ether2 untagged=vlan_33 vlan-ids=33
/ip pool
add name=pool_31 ranges=10.31.0.100-10.31.0.254
add name=pool_32 ranges=10.32.0.100-10.32.0.254
add name=pool_33 ranges=10.33.0.100-10.33.0.254
/ip dhcp-server
add address-pool=pool_31 interface=vlan_31 lease-time=1m name=dhcp_31
add address-pool=pool_32 interface=vlan_32 lease-time=1m name=dhcp_32
add address-pool=pool_33 interface=vlan_33 lease-time=1m name=dhcp_33
/ip address
add address=192.168.88.101/24 interface=ether1 network=192.168.88.0
add address=10.31.0.1/24 interface=vlan_31 network=10.31.0.0
add address=10.32.0.1/24 interface=vlan_32 network=10.32.0.0
add address=10.33.0.1/24 interface=vlan_33 network=10.33.0.0
/ip dhcp-server network
add address=10.31.0.0/24 netmask=24
add address=10.32.0.0/24
add address=10.33.0.0/24
I get the expected IP address from the desired pools on the access ports, and also a VLAN-31 address on the trunk port, to access the hap in the future.

Am I on the right way with this? Or is there already a misunderstanding that will make my life harder in the next steps?
 
tikker
newbie
Topic Author
Posts: 43
Joined: Tue Nov 19, 2019 11:40 pm

Re: VLANs: setting it all up from the ground

Sun Jan 23, 2022 5:38 pm

Next step is to connect the hap:

Ether 1 is the trunk port and also the maintenance interface on VLAN 31.
Ether 2 should be an access port for VLAN 31
Ether 3 should be an access port for VLAN 32
Ether 4 should be an access port for VLAN 33
Ether 5 again statically configured for maintenance during testing

My config so far:
/interface bridge
add name=bridge1 vlan-filtering=yes
/interface vlan
add interface=bridge1 name=vlan_31 vlan-id=31
/interface bridge port
add bridge=bridge1 interface=ether2 pvid=31
add bridge=bridge1 interface=ether3 pvid=32
add bridge=bridge1 interface=ether4 pvid=33
add bridge=bridge1 interface=ether1
/interface bridge vlan
add bridge=bridge1 tagged=ether1,bridge1 vlan-ids=31
add bridge=bridge1 tagged=ether1 vlan-ids=32
add bridge=bridge1 tagged=ether1 vlan-ids=33
/ip address
add address=192.168.88.102/24 interface=ether5 network=192.168.88.0
/ip dhcp-client
add interface=vlan_31
So far so good: IP addresses come from the expected DHCP server. On the access port ether 3 on the router and ether 2 on the hap, I can reach the Mikrotiks via ssh.

Still on the right way, or any comments?
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 11768
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: VLANs: setting it all up from the ground

Sun Jan 23, 2022 6:24 pm

Please read this reference for review.
However use of capsman add needless complexities and if you only have the single hapac radios, you are wasting your time on capsman.

If you want to see the light, then read this for vlan setup.
viewtopic.php?t=143620
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!

Who is online

Users browsing this forum: No registered users and 23 guests