Community discussions

MikroTik App
 
N30dg
just joined
Topic Author
Posts: 1
Joined: Sat Jan 22, 2022 12:06 pm

VLAN-Bridge warning

Sat Jan 22, 2022 12:40 pm

Hello,
I'm a little bit ashamed to ask such a simple Question, as I'm working as a Fulltime Networkengineer at an ISP, but this is my first Mikrotik device and the configuration philosophy is quite different from our Nokia-NE's, that I'm used to.

Anyway, I have a CRS317-1G-16S+ runnig RouterOS 6.49beta11 configured as a simple VLAN-Switch, but I'm getting a Warning that I can't resolve.
port with pvid added to untagged group which might cause problems, consider adding a seperate VLAN entry
Dispite this warning, everything seem's to work as expected.

Any advice is appreciated. My config es quite simple so posting all of it:
/interface bridge
add frame-types=admit-only-vlan-tagged ingress-filtering=yes name=bMain vlan-filtering=yes
add name=bMgnt
/interface ethernet
set [ find default-name=sfp-sfpplus1 ] l2mtu=9216 mtu=9216 name=01-Jizo-1
set [ find default-name=sfp-sfpplus2 ] l2mtu=9216 mtu=9216 name=02-Jizo-2
set [ find default-name=sfp-sfpplus3 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,10000M-full l2mtu=9216 mtu=9216 name=03-Ophois
set [ find default-name=sfp-sfpplus4 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,10000M-full l2mtu=9216 mtu=9216 name=04-Raijin
set [ find default-name=sfp-sfpplus5 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,10000M-full l2mtu=9216 mtu=9216 name=05-Wurzel
set [ find default-name=sfp-sfpplus6 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,10000M-full l2mtu=9216 mtu=9216 name=06-Stamm1
set [ find default-name=sfp-sfpplus7 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,10000M-full l2mtu=9216 mtu=9216 name=07-Inari
set [ find default-name=sfp-sfpplus16 ] advertise=10M-half,10M-full,100M-half,100M-full,1000M-half,1000M-full,10000M-full l2mtu=9216 mtu=9216 name=16-Uplink
set [ find default-name=ether1 ] name=Mgnt
set [ find default-name=sfp-sfpplus8 ] disabled=yes
set [ find default-name=sfp-sfpplus9 ] disabled=yes
set [ find default-name=sfp-sfpplus10 ] disabled=yes
set [ find default-name=sfp-sfpplus11 ] disabled=yes
set [ find default-name=sfp-sfpplus12 ] disabled=yes
set [ find default-name=sfp-sfpplus13 ] disabled=yes
set [ find default-name=sfp-sfpplus14 ] disabled=yes
set [ find default-name=sfp-sfpplus15 ] disabled=yes
/interface bonding
add mode=802.3ad mtu=9216 name=LAG-Jizo slaves=01-Jizo-1,02-Jizo-2
/interface bridge port
add bridge=bMain frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=03-Ophois pvid=20
add bridge=bMain frame-types=admit-only-vlan-tagged ingress-filtering=yes interface=16-Uplink
add bridge=bMgnt hw=no interface=Mgnt
add bridge=bMain frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=LAG-Jizo pvid=20
add bridge=bMain frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=05-Wurzel pvid=30
add bridge=bMain frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=07-Inari pvid=20
add bridge=bMain frame-types=admit-only-untagged-and-priority-tagged ingress-filtering=yes interface=04-Raijin pvid=20
/interface bridge vlan
# port with pvid added to untagged group which might cause problems, consider adding a seperate VLAN entry
add bridge=bMain tagged=16-Uplink untagged=LAG-Jizo,03-Ophois,04-Raijin,05-Wurzel,07-Inari vlan-ids=20,30
/ip address
add address=192.168.1.29/24 interface=bMgnt network=192.168.1.0
/ip dhcp-client
add comment=defconf disabled=no
/system clock
set time-zone-name=Europe/Berlin
/system leds
add leds=user-led type=flash-access
/system routerboard settings
set boot-os=router-os
 
Sob
Forum Guru
Forum Guru
Posts: 9119
Joined: Mon Apr 20, 2009 9:11 pm

Re: VLAN-Bridge warning

Mon Jan 24, 2022 12:42 am

In "/interface bridge port" you have ports with pvid=20 or pvid=30, so those are untagged access ports for vlan 20 or 30. But in "/interface bridge vlan" you have those ports listed as untagged for both vlan 20 and 30 at the same time. You should split this in two entries, one for vlan-ids=20 and another for vlan-ids=30. And only add their own untagged ports for each. Or you don't have to list them at all, and they will be added dynamically. But it doesn't hurt if you add them manually anyway.

Who is online

Users browsing this forum: hatred, ywlhlp and 34 guests