Community discussions

MikroTik App
 
gdacka
just joined
Topic Author
Posts: 6
Joined: Thu Mar 30, 2017 3:15 pm

Vlan filter CRS3x and CRS2x

Tue Jul 05, 2022 1:17 pm

Hello

Need to make filters that for a specific vlan will pass only specific frames in this case I mean accepting only PPPoE, the rest of the traffic is to be dropped.

eg:

port 1 trunk vlan 10,11,12
port 2 trunk vlan 10,11,12

Traffic in vlan 11 is to be only pppoe the rest blocked. Is it possible because I have a problem with this

While such a filter can be put on a port, it is no possible in a vlan
 
sindy
Forum Guru
Forum Guru
Posts: 10205
Joined: Mon Dec 04, 2017 9:19 pm

Re: Vlan filter CRS3x and CRS2x

Tue Jul 05, 2022 1:33 pm

While such a filter can be put on a port, it is no possible in a vlan
Correct, hardware filtering only handles the frames as they ingress via a port. But you can attach the filter rules to all member ports of VLAN 11 (or, for simplicity, to all ports regardless whether VLAN 11 is permitted on them), and let them match on VLAN ID, so other traffic on the ports will remain unaffected.

Something like (on CRS 3xx):
/interface ethernet switch rule
add switch=switch1 vlan-id=11 mac-protocol=pppoe-discovery ports=ether1,..,ether20
add switch=switch1 vlan-id=11 mac-protocol=pppoe ports=ether1,..,ether20
add switch=switch1 vlan-id=11 ports=ether1,..,ether20 new-dst-ports=""

Who is online

Users browsing this forum: Bing [Bot], godel0914, h3x00r and 66 guests