Community discussions

MikroTik App
 
User avatar
afink
newbie
Topic Author
Posts: 34
Joined: Wed May 29, 2013 7:16 pm
Location: Basel & Freetown
Contact:

Bridge Access ports

Thu Jun 30, 2022 10:08 pm

It is my understanding that when I configure an access port of a specific vlan, I do the following

create a bridge
add port into bridge
define PVID in the bridge port to by my access vlan
create a vlan inside the bridge and list the port as untagged.

This means anything going out on that port on the specified vlan goes out untagged
anything coming in untagged on that port, gets into the vlan noted with PVID.

Today I connected another "dumb" old switch on such an access port and a few hosts behind it. These hosts should only be in my vlan 527. I have set up a DHCP server on the vlan 527 but the hosts dont get IP's. When I define the DHCP server on the bridge port instead , they get ips but they can not talk to hosts on vlan 527.
So obviously something is missing.

Any hints?

RouterOS 7.3.1
 
User avatar
cfikes
Member Candidate
Member Candidate
Posts: 106
Joined: Mon Dec 08, 2014 9:14 pm
Location: Texas
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 10:33 pm

Depends on the series switch how its configured. CRS1xx,2xx are configured differently from the CRS3xx,5xx. Check out this section of the documentation.

https://help.mikrotik.com/docs/display/ ... +Switching
 
User avatar
afink
newbie
Topic Author
Posts: 34
Joined: Wed May 29, 2013 7:16 pm
Location: Basel & Freetown
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 10:36 pm

Depends on the series switch how its configured. CRS1xx,2xx are configured differently from the CRS3xx,5xx. Check out this section of the documentation.

https://help.mikrotik.com/docs/display/ ... +Switching
I only use CRS3xx or CCR series.
Basically RouterOS config
 
User avatar
cfikes
Member Candidate
Member Candidate
Posts: 106
Joined: Mon Dec 08, 2014 9:14 pm
Location: Texas
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 10:57 pm

Might want to post your configuration then.
 
User avatar
afink
newbie
Topic Author
Posts: 34
Joined: Wed May 29, 2013 7:16 pm
Location: Basel & Freetown
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 11:07 pm

Might want to post your configuration then.
here is the relevant config sections:

# jun/30/2022 21:59:50 by RouterOS 7.3.1
# software id = 4C9W-ELI7
#
# model = CRS312-4C+8XG

/interface bridge
add admin-mac=DC:2C:6E:90:47:16 auto-mac=no mtu=9200 name=bridge0
/interface bridge port
add bridge=bridge0 ingress-filtering=no interface=ether1
add bridge=bridge0 ingress-filtering=no interface=ether2
add bridge=bridge0 ingress-filtering=no interface=ether3
add bridge=bridge0 ingress-filtering=no interface=ether4
add bridge=bridge0 ingress-filtering=no interface=ether7-brocade pvid=527
add bridge=bridge0 ingress-filtering=no interface=ether8
/interface bridge vlan
add bridge=bridge0 tagged="bridge0,ether1,ether2,ether3,ether4, ether5,ether6,ether8" untagged=ether7-brocade vlan-ids=527
add bridge=bridge0 tagged="bridge0,ether1,ether2,ether3,ether4, ether5,ether6,ether7-brocade,ether8" vlan-ids=528
add bridge=bridge0 untagged="bridge0,ether1,ether2,ether3,ether4, ether5,ether6,ether8" vlan-ids=1

/interface vlan
add interface=bridge0 mtu=9100 name=vlan527 vlan-id=527
add interface=bridge0 mtu=9100 name=vlan528 vlan-id=528

/ip address
add address=10.134.235.7/24 interface=vlan527 network=10.134.235.0

Linux host is connected on a brocade switch (which has no vlan config whatsoever) which is on port ether7-brocade.
Linux host has IP 10.134.235.14 it can not ping 10.134.235.7 with above config

If I move subnet 10.134.235.0/24 out of vlan527 to default vlan 1 all works but thats not the idea
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19104
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 11:12 pm

why the quote marks on bridge vlans.......get rid of them.....
 
User avatar
afink
newbie
Topic Author
Posts: 34
Joined: Wed May 29, 2013 7:16 pm
Location: Basel & Freetown
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 11:33 pm

why the quote marks on bridge vlans.......get rid of them.....
thats what Mikrotik does when you type /export.
The ports where configured with th web gui. so this is not the problem.
The only thing I see different the doc is that they use admit-untagged-only on the bridge port. So it would drop any tagged packets coming in. But as there is nothing like this coming in anyway, it should not matter.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19104
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 11:36 pm

Clearly there are no issues because you know the relevant area of problem. You should thus be able to solve it yourself............
If you dont post the entire config we could be missing some related issues,,,,,,,,,,,, an MT config is not all isolated...
 
User avatar
afink
newbie
Topic Author
Posts: 34
Joined: Wed May 29, 2013 7:16 pm
Location: Basel & Freetown
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 11:48 pm

Clearly there are no issues because you know the relevant area of problem. You should thus be able to solve it yourself............
Well then if you can't figure it out neither, it must be a bug.
If such simple switching doesn't work as documented, it doesn't make any sense to use Mikrotik switches. Layer2 hell as usual.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19104
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Bridge Access ports

Thu Jun 30, 2022 11:51 pm

No you must be eating st bernard food, I said, you need to provide the complete config to often determine the source of issues........
I dont have enough information to make a determination as I dont guess......
 
User avatar
mkx
Forum Guru
Forum Guru
Posts: 11439
Joined: Thu Mar 03, 2016 10:23 pm

Re: Bridge Access ports

Sat Jul 02, 2022 3:39 pm

You have to enable vlan-filtering on bridge0. Without it, none of vlan config starts to work - including vlan tagging/untagging on access/hybrid ports ...
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 19104
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Bridge Access ports

Sat Jul 02, 2022 5:10 pm

From the user article Para C - viewtopic.php?t=182373 I had a chuckle at mkx's comment!! (@mkx I rarely look at incomplete configs these days).

Note: excellent user article linked below .........

C. VLAN FILTERING - viewtopic.php?t=143620 and relationship between bridge and vlan filtering - viewtopic.php?t=143620
***** Did you Turn ON VLAN filtering after configuring /ip bridge port and /ip bridge vlan settings *****

Note: MT help topics have vastly improved on this topic and can be found at:
https://help.mikrotik.com/docs/display/ ... NFiltering

https://help.mikrotik.com/docs/display/ ... VLAN+Table

Who is online

Users browsing this forum: EmuAGR, Google [Bot], GoogleOther [Bot] and 85 guests